Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-42581 (GCVE-0-2026-42581)
Vulnerability from cvelistv5 – Published: 2026-05-13 17:54 – Updated: 2026-07-10 12:06- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
| URL | Tags |
|---|---|
| https://github.com/netty/netty/security/advisorie… | x_refsource_CONFIRM |
| https://access.redhat.com/security/cve/CVE-2026-42581 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2477232 | issue-trackingx_refsource_REDHAT |
| https://security.access.redhat.com/data/csaf/v2/v… | x_sadp-csaf-vex |
| https://access.redhat.com/errata/RHSA-2026:28010 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:25123 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:36820 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:37390 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:23808 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:24502 | vendor-advisoryx_refsource_REDHAT |
| Vendor | Product | Version | |
|---|---|---|---|
| netty | netty |
Affected:
>= 4.2.0.Alpha1, < 4.2.13.Final
Affected: < 4.1.133.Final |
|
| Red Hat | Cryostat 4 on RHEL 9 |
cpe:/a:redhat:cryostat:4::el9 |
|
| Red Hat | Red Hat OpenShift Dev Spaces 3.28 |
cpe:/a:redhat:openshift_devspaces:3.28::el9 |
|
| Red Hat | Red Hat OpenShift Dev Spaces 3.29 |
cpe:/a:redhat:openshift_devspaces:3.29::el9 |
|
| Red Hat | Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16 |
cpe:/a:redhat:apache_camel_spring_boot:4.18 |
|
| Red Hat | Red Hat build of Quarkus 3.27.4 |
cpe:/a:redhat:quarkus:3.27::el8 |
|
| Red Hat | Red Hat build of Quarkus 3.33.2 |
cpe:/a:redhat:quarkus:3.33::el8 |
|
| Red Hat | streams for Apache Kafka 2 |
cpe:/a:redhat:amq_streams:2 |
|
| Red Hat | OpenShift Serverless |
cpe:/a:redhat:serverless:1 |
|
| Red Hat | Red Hat AMQ Broker 7 |
cpe:/a:redhat:amq_broker:7 |
|
| Red Hat | Red Hat AMQ Clients |
cpe:/a:redhat:amq_clients:2023 |
|
| Red Hat | Red Hat build of Apache Camel 4 for Quarkus 3 |
cpe:/a:redhat:camel_quarkus:3 |
|
| Red Hat | Red Hat build of Apicurio Registry 2 |
cpe:/a:redhat:service_registry:2 |
|
| Red Hat | Red Hat build of Apicurio Registry 3 |
cpe:/a:redhat:apicurio_registry:3 |
|
| Red Hat | Red Hat build of Debezium 3 |
cpe:/a:redhat:debezium:3 |
|
| Red Hat | Red Hat Build of Keycloak |
cpe:/a:redhat:build_keycloak: |
|
| Red Hat | Red Hat build of OptaPlanner 8 |
cpe:/a:redhat:optaplanner:::el6 |
|
| Red Hat | Red Hat Data Grid 8 |
cpe:/a:redhat:jboss_data_grid:8 |
|
| Red Hat | Red Hat Enterprise Linux AI (RHEL AI) 3 |
cpe:/a:redhat:enterprise_linux_ai:3 |
|
| Red Hat | Red Hat Fuse 7 |
cpe:/a:redhat:jboss_fuse:7 |
|
| Red Hat | Red Hat JBoss Enterprise Application Platform 7 |
cpe:/a:redhat:jboss_enterprise_application_platform:7 |
|
| Red Hat | Red Hat JBoss Enterprise Application Platform 8 |
cpe:/a:redhat:jboss_enterprise_application_platform:8 |
|
| Red Hat | Red Hat JBoss Enterprise Application Platform Expansion Pack |
cpe:/a:redhat:jbosseapxp |
|
| Red Hat | Red Hat OpenShift AI (RHOAI) |
cpe:/a:redhat:openshift_ai |
|
| Red Hat | Red Hat Process Automation 7 |
cpe:/a:redhat:jboss_enterprise_bpms_platform:7 |
|
| Red Hat | Red Hat Satellite 6 |
cpe:/a:redhat:satellite:6 |
|
| Red Hat | Red Hat Single Sign-On 7 |
cpe:/a:redhat:red_hat_single_sign_on:7 |
|
| Red Hat | streams for Apache Kafka 3 |
cpe:/a:redhat:amq_streams:3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-42581",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T18:42:38.397208Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T18:42:59.711Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"cpes": [
"cpe:/a:redhat:cryostat:4::el9"
],
"defaultStatus": "affected",
"product": "Cryostat 4 on RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3.28::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Dev Spaces 3.28",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3.29::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Dev Spaces 3.29",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:apache_camel_spring_boot:4.18"
],
"defaultStatus": "affected",
"product": "Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quarkus:3.27::el8"
],
"defaultStatus": "affected",
"product": "Red Hat build of Quarkus 3.27.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quarkus:3.33::el8"
],
"defaultStatus": "affected",
"product": "Red Hat build of Quarkus 3.33.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_streams:2"
],
"defaultStatus": "unaffected",
"product": "streams for Apache Kafka 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:serverless:1"
],
"defaultStatus": "unknown",
"product": "OpenShift Serverless",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_broker:7"
],
"defaultStatus": "unknown",
"product": "Red Hat AMQ Broker 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_clients:2023"
],
"defaultStatus": "unknown",
"product": "Red Hat AMQ Clients",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:camel_quarkus:3"
],
"defaultStatus": "unknown",
"product": "Red Hat build of Apache Camel 4 for Quarkus 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_registry:2"
],
"defaultStatus": "unknown",
"product": "Red Hat build of Apicurio Registry 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:apicurio_registry:3"
],
"defaultStatus": "unknown",
"product": "Red Hat build of Apicurio Registry 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:debezium:3"
],
"defaultStatus": "unknown",
"product": "Red Hat build of Debezium 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:build_keycloak:"
],
"defaultStatus": "unknown",
"product": "Red Hat Build of Keycloak",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:optaplanner:::el6"
],
"defaultStatus": "unknown",
"product": "Red Hat build of OptaPlanner 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_data_grid:8"
],
"defaultStatus": "unknown",
"product": "Red Hat Data Grid 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux_ai:3"
],
"defaultStatus": "unknown",
"product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_fuse:7"
],
"defaultStatus": "unknown",
"product": "Red Hat Fuse 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7"
],
"defaultStatus": "unknown",
"product": "Red Hat JBoss Enterprise Application Platform 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8"
],
"defaultStatus": "unknown",
"product": "Red Hat JBoss Enterprise Application Platform 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jbosseapxp"
],
"defaultStatus": "unknown",
"product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unknown",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
],
"defaultStatus": "unknown",
"product": "Red Hat Process Automation 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:satellite:6"
],
"defaultStatus": "unknown",
"product": "Red Hat Satellite 6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:red_hat_single_sign_on:7"
],
"defaultStatus": "unknown",
"product": "Red Hat Single Sign-On 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_streams:3"
],
"defaultStatus": "unknown",
"product": "streams for Apache Kafka 3",
"vendor": "Red Hat"
}
],
"datePublic": "2026-05-13T17:54:44.492Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Netty\u0027s HttpObjectDecoder. A remote attacker can exploit this by sending a specially crafted HTTP/1.0 request that includes both `Transfer-Encoding: chunked` and `Content-Length` headers. While Netty correctly strips the conflicting `Content-Length` header for HTTP/1.1 messages, this guard is absent for HTTP/1.0. This can lead to HTTP request smuggling, where downstream proxies or handlers may misinterpret message boundaries, potentially allowing an attacker to bypass security controls or access unauthorized information."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-10T12:06:05.360Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-42581"
},
{
"name": "RHBZ#2477232",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477232"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-42581.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:28010"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25123"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:23808"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24502"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:28010: Cryostat 4 on RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:25123: Red Hat OpenShift Dev Spaces 3.28"
},
{
"lang": "en",
"value": "RHSA-2026:36820: Red Hat OpenShift Dev Spaces 3.29"
},
{
"lang": "en",
"value": "RHSA-2026:37390: Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
},
{
"lang": "en",
"value": "RHSA-2026:23808: Red Hat build of Quarkus 3.27.4"
},
{
"lang": "en",
"value": "RHSA-2026:24502: Red Hat build of Quarkus 3.33.2"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-13T19:02:26.404Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-05-13T17:54:44.492Z",
"value": "Made public."
}
],
"title": "netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers",
"workarounds": [
{
"lang": "en",
"value": "To mitigate this issue, configure any reverse proxies or load balancers in front of Netty to either reject HTTP/1.0 requests containing both Transfer-Encoding: chunked and Content-Length headers, or to explicitly prioritize the Transfer-Encoding header over Content-Length for HTTP/1.0 traffic. This ensures consistent interpretation of message boundaries and prevents request smuggling attacks."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"product": "netty",
"vendor": "netty",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.2.0.Alpha1, \u003c 4.2.13.Final"
},
{
"status": "affected",
"version": "\u003c 4.1.133.Final"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpObjectDecoder strips a conflicting Content-Length header when a request carries both Transfer-Encoding: chunked and Content-Length, but only for HTTP/1.1 messages. The guard is absent for HTTP/1.0. An attacker that sends an HTTP/1.0 request with both headers causes Netty to decode the body as chunked while leaving Content-Length intact in the forwarded HttpMessage. Any downstream proxy or handler that trusts Content-Length over Transfer-Encoding will disagree on message boundaries, enabling request smuggling. This vulnerability is fixed in 4.2.13.Final and 4.1.133.Final."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T17:54:44.492Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9"
}
],
"source": {
"advisory": "GHSA-xxqh-mfjm-7mv9",
"discovery": "UNKNOWN"
},
"title": "Netty: HTTP/1.0 TE+CL Coexistence Bypasses Smuggling Sanitization"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-42581",
"datePublished": "2026-05-13T17:54:44.492Z",
"dateReserved": "2026-04-28T17:26:12.085Z",
"dateUpdated": "2026-07-10T12:06:05.360Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-42581",
"date": "2026-07-12",
"epss": "0.00607",
"percentile": "0.44884"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-42581\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-05-13T19:17:23.627\",\"lastModified\":\"2026-07-10T12:16:54.283\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpObjectDecoder strips a conflicting Content-Length header when a request carries both Transfer-Encoding: chunked and Content-Length, but only for HTTP/1.1 messages. The guard is absent for HTTP/1.0. An attacker that sends an HTTP/1.0 request with both headers causes Netty to decode the body as chunked while leaving Content-Length intact in the forwarded HttpMessage. Any downstream proxy or handler that trusts Content-Length over Transfer-Encoding will disagree on message boundaries, enabling request smuggling. This vulnerability is fixed in 4.2.13.Final and 4.1.133.Final.\"}],\"affected\":[{\"source\":\"security-advisories@github.com\",\"affectedData\":[{\"vendor\":\"netty\",\"product\":\"netty\",\"versions\":[{\"version\":\"\u003e= 4.2.0.Alpha1, \u003c 4.2.13.Final\",\"status\":\"affected\"},{\"version\":\"\u003c 4.1.133.Final\",\"status\":\"affected\"}]}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"affectedData\":[{\"vendor\":\"Red Hat\",\"product\":\"Cryostat 4 on RHEL 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:cryostat:4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Dev Spaces 3.28\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_devspaces:3.28::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Dev Spaces 3.29\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_devspaces:3.29::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:apache_camel_spring_boot:4.18\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Quarkus 3.27.4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quarkus:3.27::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Quarkus 3.33.2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quarkus:3.33::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"streams for Apache Kafka 2\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:amq_streams:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Serverless\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:serverless:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat AMQ Broker 7\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:amq_broker:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat AMQ Clients\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:amq_clients:2023\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Apache Camel 4 for Quarkus 3\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:camel_quarkus:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Apicurio Registry 2\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:service_registry:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Apicurio Registry 3\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:apicurio_registry:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Debezium 3\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:debezium:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Build of Keycloak\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:build_keycloak:\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of OptaPlanner 8\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:optaplanner:::el6\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Data Grid 8\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:jboss_data_grid:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AI (RHEL AI) 3\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux_ai:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Fuse 7\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:jboss_fuse:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat JBoss Enterprise Application Platform 7\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:jboss_enterprise_application_platform:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat JBoss Enterprise Application Platform 8\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:jboss_enterprise_application_platform:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat JBoss Enterprise Application Platform Expansion Pack\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:jbosseapxp\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI (RHOAI)\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:openshift_ai\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Process Automation 7\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:jboss_enterprise_bpms_platform:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Satellite 6\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:satellite:6\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Single Sign-On 7\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:red_hat_single_sign_on:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"streams for Apache Kafka 3\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:amq_streams:3\"]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N\",\"baseScore\":5.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":2.7}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-05-13T18:42:38.397208Z\",\"id\":\"CVE-2026-42581\",\"options\":[{\"exploitation\":\"poc\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-444\"}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-444\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1.133\",\"matchCriteriaId\":\"DFE205A5-2C43-40C9-A2FF-CF6759B8D861\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.2.0\",\"versionEndExcluding\":\"4.2.13\",\"matchCriteriaId\":\"D94A720F-9CED-4BE9-8C37-FD9E2FD28472\"}]}]}],\"references\":[{\"url\":\"https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:23808\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:24502\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25123\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:28010\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36820\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:37390\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2026-42581\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2477232\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-42581.json\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"}]}}",
"redhat_vex": {
"aggregate_severity": "Important",
"current_release_date": "2026-07-09T15:30:04+00:00",
"cve": "CVE-2026-42581",
"id": "CVE-2026-42581",
"initial_release_date": "2026-05-13T17:54:44.492000+00:00",
"product_status:fixed": "25",
"product_status:known_not_affected": "125",
"product_status:under_investigation": "49",
"source": "Red Hat CSAF VEX",
"status": "final",
"title": "netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-42581.json",
"version": "3"
},
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 7.2, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:cryostat:4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Cryostat 4 on RHEL 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_devspaces:3.28::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Dev Spaces 3.28\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_devspaces:3.29::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Dev Spaces 3.29\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quarkus:3.27::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Quarkus 3.27.4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quarkus:3.33::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Quarkus 3.33.2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:amq_streams:2\"], \"vendor\": \"Red Hat\", \"product\": \"streams for Apache Kafka 2\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:serverless:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Serverless\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:amq_broker:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat AMQ Broker 7\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:amq_clients:2023\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat AMQ Clients\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:camel_quarkus:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Apache Camel 4 for Quarkus 3\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:camel_spring_boot:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Apache Camel for Spring Boot 4\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:service_registry:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Apicurio Registry 2\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:apicurio_registry:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Apicurio Registry 3\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:debezium:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Debezium 3\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:build_keycloak:\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Build of Keycloak\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:optaplanner:::el6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of OptaPlanner 8\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_data_grid:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Data Grid 8\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_ai:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AI (RHEL AI) 3\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_fuse:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Fuse 7\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:jbosseapxp\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform Expansion Pack\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI (RHOAI)\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_bpms_platform:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Process Automation 7\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:satellite:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:red_hat_single_sign_on:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Single Sign-On 7\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:amq_streams:3\"], \"vendor\": \"Red Hat\", \"product\": \"streams for Apache Kafka 3\", \"defaultStatus\": \"unknown\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-05-13T19:02:26.404Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2026-05-13T17:54:44.492Z\", \"value\": \"Made public.\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"RHSA-2026:28010: Cryostat 4 on RHEL 9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:25123: Red Hat OpenShift Dev Spaces 3.28\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36820: Red Hat OpenShift Dev Spaces 3.29\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:23808: Red Hat build of Quarkus 3.27.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:24502: Red Hat build of Quarkus 3.33.2\"}], \"x_adpType\": \"supplier\", \"datePublic\": \"2026-05-13T17:54:44.492Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2026-42581\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2477232\", \"name\": \"RHBZ#2477232\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-42581.json\", \"tags\": [\"x_sadp-csaf-vex\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:28010\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:25123\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36820\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:23808\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:24502\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"To mitigate this issue, configure any reverse proxies or load balancers in front of Netty to either reject HTTP/1.0 requests containing both Transfer-Encoding: chunked and Content-Length headers, or to explicitly prioritize the Transfer-Encoding header over Content-Length for HTTP/1.0 traffic. This ensures consistent interpretation of message boundaries and prevents request smuggling attacks.\"}], \"x_generator\": {\"engine\": \"sadp-cli 1.0.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in Netty\u0027s HttpObjectDecoder. A remote attacker can exploit this by sending a specially crafted HTTP/1.0 request that includes both `Transfer-Encoding: chunked` and `Content-Length` headers. While Netty correctly strips the conflicting `Content-Length` header for HTTP/1.1 messages, this guard is absent for HTTP/1.0. This can lead to HTTP request smuggling, where downstream proxies or handlers may misinterpret message boundaries, potentially allowing an attacker to bypass security controls or access unauthorized information.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-444\", \"description\": \"Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\", \"shortName\": \"redhat-SADP\", \"dateUpdated\": \"2026-07-09T12:09:58.672Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-42581\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-13T18:42:38.397208Z\"}}}], \"references\": [{\"url\": \"https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-13T18:42:53.380Z\"}}], \"cna\": {\"title\": \"Netty: HTTP/1.0 TE+CL Coexistence Bypasses Smuggling Sanitization\", \"source\": {\"advisory\": \"GHSA-xxqh-mfjm-7mv9\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 5.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"netty\", \"product\": \"netty\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 4.2.0.Alpha1, \u003c 4.2.13.Final\"}, {\"status\": \"affected\", \"version\": \"\u003c 4.1.133.Final\"}]}], \"references\": [{\"url\": \"https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9\", \"name\": \"https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpObjectDecoder strips a conflicting Content-Length header when a request carries both Transfer-Encoding: chunked and Content-Length, but only for HTTP/1.1 messages. The guard is absent for HTTP/1.0. An attacker that sends an HTTP/1.0 request with both headers causes Netty to decode the body as chunked while leaving Content-Length intact in the forwarded HttpMessage. Any downstream proxy or handler that trusts Content-Length over Transfer-Encoding will disagree on message boundaries, enabling request smuggling. This vulnerability is fixed in 4.2.13.Final and 4.1.133.Final.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-444\", \"description\": \"CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-05-13T17:54:44.492Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-42581\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-07-09T12:09:58.672Z\", \"dateReserved\": \"2026-04-28T17:26:12.085Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-05-13T17:54:44.492Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2026:28010
Vulnerability from csaf_redhat - Published: 2026-06-22 17:15 - Updated: 2026-07-09 21:09A flaw was found in Apache Thrift c_glib language bindings. A remote attacker could send specially crafted requests to a c_glib-based Thrift server, leading to a mismatched memory management routines vulnerability. This could cause the server to crash with a "free(): invalid pointer" error, resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64 | — |
A flaw was found in the shell-quote component. The quote() function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpret as a command separator. This could lead to command injection, enabling the attacker to execute arbitrary code on the system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64 | — |
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64 | — |
Workaround
|
A flaw was found in DOMPurify, a DOM-only cross-site scripting sanitizer. A remote attacker could exploit an inconsistency in how forbidden tags and attributes are handled when function-based tag additions are used. This allows malicious HTML, MathML, or SVG elements to bypass sanitization and execute arbitrary code in the user's browser, leading to Cross-Site Scripting (XSS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64 | — |
Workaround
|
A flaw was found in Netty. The HttpProxyHandler component, which handles HTTP CONNECT requests, does not properly validate user-provided outbound headers. This allows an attacker to inject arbitrary HTTP headers into the CONNECT request sent to the proxy server. This could lead to unexpected behavior or potential bypass of security controls on the proxy server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64 | — |
A flaw was found in Netty. Netty's DNS (Domain Name System) codec does not properly enforce domain name constraints as defined in RFC 1035 during both encoding and decoding processes. This vulnerability allows a remote attacker to exploit the decoder using malicious DNS responses or exploit the encoder through user-influenced hostnames, leading to a high integrity impact on the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64 | — |
Workaround
|
A flaw was found in Netty's HttpObjectDecoder. A remote attacker can exploit this by sending a specially crafted HTTP/1.0 request that includes both `Transfer-Encoding: chunked` and `Content-Length` headers. While Netty correctly strips the conflicting `Content-Length` header for HTTP/1.1 messages, this guard is absent for HTTP/1.0. This can lead to HTTP request smuggling, where downstream proxies or handlers may misinterpret message boundaries, potentially allowing an attacker to bypass security controls or access unauthorized information.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64 | — |
Workaround
|
A flaw was found in Netty, an asynchronous, event-driven network application framework. A remote attacker could exploit this vulnerability by sending a specific sequence of HTTP responses (103, followed by a 200 with a GET body, then another 200 for a HEAD request) when the client pipelines GET then HEAD requests. This can cause the HttpClientCodec to incorrectly pair responses, leading to subsequent HTTP responses being parsed from the wrong offset. This issue may result in information disclosure or other data integrity problems due to misinterpretation of network traffic.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64 | — |
A flaw was found in Netty. A remote attacker can bypass the configured decompression limit in the HttpContentDecompressor by sending a specially crafted compressed payload using Brotli (br), Zstandard (zstd), or Snappy content encodings. This can lead to unbounded memory allocation, resulting in an out-of-memory Denial of Service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64 | — |
Workaround
|
A flaw was found in Apache Thrift. This vulnerability involves improper validation of a certificate with a host mismatch, which could allow a remote attacker to bypass security checks. By presenting a specially crafted certificate, an attacker may impersonate a legitimate server or client. This could lead to a security bypass, potentially enabling unauthorized access or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for the Red Hat build of Cryostat 4 on RHEL 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "An update is now available for the Red Hat build of Cryostat 4 on RHEL 9.\n\nSecurity Fix(es):\n\n* DOMPurify: Cross-Site Scripting (XSS) via inconsistent tag sanitization (CVE-2026-41240)\n* crypto/x509: Denial of Service via inefficient certificate chain validation (CVE-2026-32281)\n* shell-quote: Arbitrary code execution via command injection due to unescaped line terminators (CVE-2026-9277)\n* Apache Thrift: Security bypass due to improper certificate validation (CVE-2026-43869)\n* Netty: High integrity impact due to improper DNS domain name constraint enforcement (CVE-2026-42579)\n* Netty: Incorrect HTTP response parsing leads to data confusion (CVE-2026-42584)\n* Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers (CVE-2026-42581)\n* Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation (CVE-2026-42578)\n* Netty: Denial of Service via unbounded memory allocation in HTTP content decompression (CVE-2026-42587)\n* Apache Thrift c_glib: Denial of Service via specially crafted requests (CVE-2025-48431)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:28010",
"url": "https://access.redhat.com/errata/RHSA-2026:28010"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "2461147",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461147"
},
{
"category": "external",
"summary": "2463410",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463410"
},
{
"category": "external",
"summary": "2466660",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466660"
},
{
"category": "external",
"summary": "2477217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477217"
},
{
"category": "external",
"summary": "2477220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477220"
},
{
"category": "external",
"summary": "2477224",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477224"
},
{
"category": "external",
"summary": "2477226",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477226"
},
{
"category": "external",
"summary": "2477232",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477232"
},
{
"category": "external",
"summary": "2480741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480741"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_28010.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Cryostat security update",
"tracking": {
"current_release_date": "2026-07-09T21:09:01+00:00",
"generator": {
"date": "2026-07-09T21:09:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:28010",
"initial_release_date": "2026-06-22T17:15:26+00:00",
"revision_history": [
{
"date": "2026-06-22T17:15:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-22T17:15:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-09T21:09:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Cryostat 4 on RHEL 9",
"product": {
"name": "Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:cryostat:4::el9"
}
}
}
],
"category": "product_family",
"name": "Cryostat"
},
{
"branches": [
{
"category": "product_version",
"name": "cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"product": {
"name": "cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"product_id": "cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-agent-init-rhel9\u0026tag=0.7.0-8"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"product": {
"name": "cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"product_id": "cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-db-rhel9\u0026tag=4.2.0-16"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"product": {
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"product_id": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-grafana-dashboard-rhel9\u0026tag=4.2.0-10"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"product": {
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"product_id": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-openshift-console-plugin-rhel9\u0026tag=4.2.0-10"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"product": {
"name": "cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"product_id": "cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-reports-rhel9\u0026tag=4.2.0-10"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"product": {
"name": "cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"product_id": "cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-rhel9\u0026tag=4.2.0-10"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"product": {
"name": "cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"product_id": "cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-operator-bundle\u0026tag=4.2.0-8"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"product": {
"name": "cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"product_id": "cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-rhel9-operator\u0026tag=4.2.0-15"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"product": {
"name": "cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"product_id": "cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-storage-rhel9\u0026tag=4.2.0-16"
}
}
},
{
"category": "product_version",
"name": "cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"product": {
"name": "cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"product_id": "cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/jfr-datasource-rhel9\u0026tag=4.2.0-10"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"product": {
"name": "cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"product_id": "cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-agent-init-rhel9\u0026tag=0.7.0-8"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"product": {
"name": "cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"product_id": "cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-db-rhel9\u0026tag=4.2.0-16"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"product": {
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"product_id": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-grafana-dashboard-rhel9\u0026tag=4.2.0-10"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"product": {
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"product_id": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-openshift-console-plugin-rhel9\u0026tag=4.2.0-10"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"product": {
"name": "cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"product_id": "cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-reports-rhel9\u0026tag=4.2.0-10"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"product": {
"name": "cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"product_id": "cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-rhel9\u0026tag=4.2.0-10"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"product": {
"name": "cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"product_id": "cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-operator-bundle\u0026tag=4.2.0-8"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"product": {
"name": "cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"product_id": "cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-rhel9-operator\u0026tag=4.2.0-15"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"product": {
"name": "cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"product_id": "cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-storage-rhel9\u0026tag=4.2.0-16"
}
}
},
{
"category": "product_version",
"name": "cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64",
"product": {
"name": "cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64",
"product_id": "cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/jfr-datasource-rhel9\u0026tag=4.2.0-10"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64"
},
"product_reference": "cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64"
},
"product_reference": "cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64"
},
"product_reference": "cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64"
},
"product_reference": "cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64"
},
"product_reference": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64"
},
"product_reference": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64"
},
"product_reference": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64"
},
"product_reference": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64"
},
"product_reference": "cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64"
},
"product_reference": "cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64"
},
"product_reference": "cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64"
},
"product_reference": "cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64"
},
"product_reference": "cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64"
},
"product_reference": "cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64"
},
"product_reference": "cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64"
},
"product_reference": "cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64"
},
"product_reference": "cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
},
"product_reference": "cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64"
},
"product_reference": "cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
},
"product_reference": "cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-48431",
"cwe": {
"id": "CWE-763",
"name": "Release of Invalid Pointer or Reference"
},
"discovery_date": "2026-04-28T10:01:26.612789+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2463410"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Thrift c_glib language bindings. A remote attacker could send specially crafted requests to a c_glib-based Thrift server, leading to a mismatched memory management routines vulnerability. This could cause the server to crash with a \"free(): invalid pointer\" error, resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Apache Thrift: c_glib: Apache Thrift c_glib: Denial of Service via specially crafted requests",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability affecting Apache Thrift c_glib language bindings. Remote attackers can exploit this flaw by sending specially crafted requests to a c_glib-based Thrift server, leading to a server crash and service disruption. This impact is considered Important due to the potential for unauthenticated remote denial of service in Red Hat products that deploy and expose such Thrift servers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48431"
},
{
"category": "external",
"summary": "RHBZ#2463410",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463410"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48431",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48431"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48431",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48431"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2026/04/28/8",
"url": "http://www.openwall.com/lists/oss-security/2026/04/28/8"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql",
"url": "https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql"
}
],
"release_date": "2026-04-28T09:11:44.283000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T17:15:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28010"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Apache Thrift: c_glib: Apache Thrift c_glib: Denial of Service via specially crafted requests"
},
{
"cve": "CVE-2026-9277",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2026-05-22T14:01:14.427751+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480741"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the shell-quote component. The quote() function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpret as a command separator. This could lead to command injection, enabling the attacker to execute arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-9277"
},
{
"category": "external",
"summary": "RHBZ#2480741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480741"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-9277",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9277"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9277",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9277"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote",
"url": "https://github.com/ljharb/shell-quote"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote/commit/1518179",
"url": "https://github.com/ljharb/shell-quote/commit/1518179"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p",
"url": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/shell-quote",
"url": "https://www.npmjs.com/package/shell-quote"
}
],
"release_date": "2026-05-22T13:22:38.873000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T17:15:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28010"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T17:15:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28010"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
},
{
"cve": "CVE-2026-41240",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-04-23T16:04:41.751666+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461147"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in DOMPurify, a DOM-only cross-site scripting sanitizer. A remote attacker could exploit an inconsistency in how forbidden tags and attributes are handled when function-based tag additions are used. This allows malicious HTML, MathML, or SVG elements to bypass sanitization and execute arbitrary code in the user\u0027s browser, leading to Cross-Site Scripting (XSS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "DOMPurify: DOMPurify: Cross-Site Scripting (XSS) via inconsistent tag sanitization",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-41240"
},
{
"category": "external",
"summary": "RHBZ#2461147",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461147"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-41240",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41240"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-41240",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41240"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/c361baa18dbdcb3344a41110f4c48ad85bf48f80",
"url": "https://github.com/cure53/DOMPurify/commit/c361baa18dbdcb3344a41110f4c48ad85bf48f80"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/releases/tag/3.4.0",
"url": "https://github.com/cure53/DOMPurify/releases/tag/3.4.0"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-h7mw-gpvr-xq4m",
"url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-h7mw-gpvr-xq4m"
}
],
"release_date": "2026-04-23T14:54:32.426000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T17:15:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28010"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "DOMPurify: DOMPurify: Cross-Site Scripting (XSS) via inconsistent tag sanitization"
},
{
"cve": "CVE-2026-42578",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2026-05-13T19:02:00.826936+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477226"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. The HttpProxyHandler component, which handles HTTP CONNECT requests, does not properly validate user-provided outbound headers. This allows an attacker to inject arbitrary HTTP headers into the CONNECT request sent to the proxy server. This could lead to unexpected behavior or potential bypass of security controls on the proxy server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: io.netty/netty-handler-proxy: Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42578"
},
{
"category": "external",
"summary": "RHBZ#2477226",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477226"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42578",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42578"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42578",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42578"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-45q3-82m4-75jr",
"url": "https://github.com/netty/netty/security/advisories/GHSA-45q3-82m4-75jr"
}
],
"release_date": "2026-05-13T17:57:43.538000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T17:15:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28010"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: io.netty/netty-handler-proxy: Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation"
},
{
"cve": "CVE-2026-42579",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-05-13T19:01:25.062732+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477217"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. Netty\u0027s DNS (Domain Name System) codec does not properly enforce domain name constraints as defined in RFC 1035 during both encoding and decoding processes. This vulnerability allows a remote attacker to exploit the decoder using malicious DNS responses or exploit the encoder through user-influenced hostnames, leading to a high integrity impact on the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important integrity flaw in Netty\u0027s DNS codec. The vulnerability arises from insufficient enforcement of RFC 1035 domain name constraints during both encoding and decoding, allowing remote attackers to manipulate DNS responses or user-controlled hostnames. This could lead to a high integrity impact on affected Red Hat products that utilize the vulnerable Netty DNS codec.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42579"
},
{
"category": "external",
"summary": "RHBZ#2477217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477217"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42579",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42579"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42579",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42579"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-cm33-6792-r9fm",
"url": "https://github.com/netty/netty/security/advisories/GHSA-cm33-6792-r9fm"
}
],
"release_date": "2026-05-13T18:01:52.500000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T17:15:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28010"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement"
},
{
"cve": "CVE-2026-42581",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-05-13T19:02:26.404511+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477232"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty\u0027s HttpObjectDecoder. A remote attacker can exploit this by sending a specially crafted HTTP/1.0 request that includes both `Transfer-Encoding: chunked` and `Content-Length` headers. While Netty correctly strips the conflicting `Content-Length` header for HTTP/1.1 messages, this guard is absent for HTTP/1.0. This can lead to HTTP request smuggling, where downstream proxies or handlers may misinterpret message boundaries, potentially allowing an attacker to bypass security controls or access unauthorized information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw. Netty\u0027s HttpObjectDecoder, used across various Red Hat products, improperly handles conflicting `Transfer-Encoding: chunked` and `Content-Length` headers in HTTP/1.0 requests. This allows a remote attacker to perform HTTP request smuggling, potentially bypassing security controls or gaining unauthorized access to information due to misinterpretation of message boundaries by downstream proxies or handlers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42581"
},
{
"category": "external",
"summary": "RHBZ#2477232",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477232"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42581",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42581"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42581",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42581"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9",
"url": "https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9"
}
],
"release_date": "2026-05-13T17:54:44.492000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T17:15:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28010"
},
{
"category": "workaround",
"details": "To mitigate this issue, configure any reverse proxies or load balancers in front of Netty to either reject HTTP/1.0 requests containing both Transfer-Encoding: chunked and Content-Length headers, or to explicitly prioritize the Transfer-Encoding header over Content-Length for HTTP/1.0 traffic. This ensures consistent interpretation of message boundaries and prevents request smuggling attacks.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers"
},
{
"cve": "CVE-2026-42584",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-05-13T19:01:51.846351+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477224"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, an asynchronous, event-driven network application framework. A remote attacker could exploit this vulnerability by sending a specific sequence of HTTP responses (103, followed by a 200 with a GET body, then another 200 for a HEAD request) when the client pipelines GET then HEAD requests. This can cause the HttpClientCodec to incorrectly pair responses, leading to subsequent HTTP responses being parsed from the wrong offset. This issue may result in information disclosure or other data integrity problems due to misinterpretation of network traffic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A flaw in Netty\u0027s HttpClientCodec allows a remote attacker to cause data confusion. By sending a specially crafted sequence of HTTP responses, an attacker can cause subsequent HTTP responses to be parsed incorrectly, potentially leading to information disclosure or data integrity issues in applications utilizing Netty for HTTP client operations. This vulnerability affects various Red Hat products that bundle Netty, including Red Hat AMQ, Enterprise Application Platform, Red Hat Build of Quarkus, and Red Hat Build of Keycloak.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42584"
},
{
"category": "external",
"summary": "RHBZ#2477224",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477224"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42584",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42584"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42584",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42584"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-57rv-r2g8-2cj3",
"url": "https://github.com/netty/netty/security/advisories/GHSA-57rv-r2g8-2cj3"
}
],
"release_date": "2026-05-13T18:10:48.437000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T17:15:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28010"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion"
},
{
"cve": "CVE-2026-42587",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-05-13T19:01:35.415881+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477220"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. A remote attacker can bypass the configured decompression limit in the HttpContentDecompressor by sending a specially crafted compressed payload using Brotli (br), Zstandard (zstd), or Snappy content encodings. This can lead to unbounded memory allocation, resulting in an out-of-memory Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in Netty\u0027s HTTP content decompression. A remote attacker can exploit this flaw by sending specially crafted compressed payloads using Brotli, Zstandard, or Snappy encodings, bypassing configured decompression limits. This leads to unbounded memory allocation, potentially causing an out-of-memory condition and rendering affected Red Hat systems unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42587"
},
{
"category": "external",
"summary": "RHBZ#2477220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477220"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42587",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42587"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42587",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42587"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv"
}
],
"release_date": "2026-05-13T18:22:21.699000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T17:15:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28010"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression"
},
{
"cve": "CVE-2026-43869",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-05-05T08:00:56.417384+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466660"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Thrift. This vulnerability involves improper validation of a certificate with a host mismatch, which could allow a remote attacker to bypass security checks. By presenting a specially crafted certificate, an attacker may impersonate a legitimate server or client. This could lead to a security bypass, potentially enabling unauthorized access or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Apache Thrift: Apache Thrift: Security bypass due to improper certificate validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-43869"
},
{
"category": "external",
"summary": "RHBZ#2466660",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466660"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-43869",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-43869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43869"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/3hsgl1b69wzq3ry39scqbv2dhyl3j52r",
"url": "https://lists.apache.org/thread/3hsgl1b69wzq3ry39scqbv2dhyl3j52r"
}
],
"release_date": "2026-05-05T07:25:48.611000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T17:15:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28010"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:b24e82ee4ae599b923a24317121f5e510dfb97497d0685745c02bd800734e993_arm64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:cdecc70f89a5ab3e5814561bca539a070389eca8566e84397a0e998f3ccb88e6_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:064fa3780f79011c98dcabe589fedaa66755904e298714d3753b06dc07011e6e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:6259b43f01e14bcfd66cc720f0e385a26c25e38d6085581cf52de5f1955edbed_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:42700ce6541e2e989b2f2f11877139e0283bb6b62f2c7988f24703a809798c6f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:c9a5f19878b38c4e3cd2cc1f0afb9b5c3e51f93195c6d2a789d5a2ebd5c40f20_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d11c60a59969db188675694ea70e975347645da7dddcba451856f93715d46a4f_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ec4ad72eeff4ad2c81e22f2b6d29dc0113ac38a163de3245c8ff84e738b3892a_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:08bc4c4c4049ece749ebbf00e2da6f4e2da1fd28635508268f13e4c8ee81f001_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:131c5273c1cfc51060514f8ffe76ec2999ccd39e598dee09a2f151addbae9cb4_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:a84bde7d350a83bbdc60ef80bdcad3d1d4c7794816ee02c3bbcd185a0881c838_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ba96c3f24fb861b6214f6a7b1bf778deb032a654542c40a5af9eebdcfece3834_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:4cd0a3b5132ee4bfd17332247a254b680cacb4501792055a2772712a65fae3c9_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:76a3ad2cb49b44aaee57c952c1a8a70884eac5d39bae85cddf8e995dfb20a75e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0a59132b639c754650bc38b836a636a76ab27531a0b2e67258e61984c32e903d_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:dfda0b39740b52574fa44dd8830338c1b51b0027c78e3a679a1f0ba7f8dbddbd_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:4ebed4d89315d7f8baa80d8f54d26351ff8e7aac7c29dfb8dd28acb455ecba65_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:9c5a9f6f958e02c89bdee98fe828e23ede3ec50f2386ab2f479d8dff1dce99e2_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:391f217a593b1992f949590b6084343acf3935ed039da1b137a62184d664a50f_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:68307d0f051583a1fcba76766c731686e4f50159935d7b9578eba4847227dab2_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Apache Thrift: Apache Thrift: Security bypass due to improper certificate validation"
}
]
}
RHSA-2026:36820
Vulnerability from csaf_redhat - Published: 2026-07-08 17:12 - Updated: 2026-07-12 19:34A flaw was found in undici. When using Socks5ProxyAgent, undici incorrectly reuses a single connection pool across different origins. This can lead to cross-origin request routing, where sensitive credentials and data intended for one destination are sent to another. Consequently, responses from unintended origins may be trusted, and secure HTTPS connections could be silently downgraded to unencrypted HTTP, resulting in information disclosure and data integrity issues.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
Workaround
|
A flaw was found in undici. When undici's ProxyAgent is configured with a SOCKS5 proxy Uniform Resource Identifier (URI), it silently ignores Transport Layer Security (TLS) options, such as custom Certificate Authorities (CAs). This allows a remote attacker to perform a Man-in-the-Middle (MITM) attack, intercepting and tampering with HTTPS communications. The connection falls back to Node.js's default trust store, bypassing intended security configurations and potentially leading to information disclosure or arbitrary code execution.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
Workaround
|
A flaw was found in undici. A malicious WebSocket server can exploit this by streaming numerous small or empty continuation frames. This can bypass per-frame and cumulative-size validation, leading to unbounded memory growth in the client process. The primary consequence is memory exhaustion, resulting in a denial of service (DoS) for affected applications using the undici WebSocket client or WebSocketStream API.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
Workaround
|
A flaw was found in the vscode-java extension, which provides Java language support for Visual Studio Code. The extension incorrectly trusts all Markdown content in JavaDoc hovers, allowing a malicious Java file to include hidden commands. If a user clicks a specially crafted link within a JavaDoc hover popup, an attacker can execute arbitrary VS Code commands, which can lead to full system compromise in trusted workspaces.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
Workaround
|
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
Workaround
|
A flaw was found in ip-address, a JavaScript library for parsing and manipulating IPv4 and IPv6 addresses. This vulnerability allows a remote attacker to perform cross-site scripting (XSS) by providing untrusted input to the Address6 constructor. When an application renders the output of Address6.group(), Address6.link(), or the AddressError.parseMessage as HTML without proper escaping, the attacker-controlled content can be executed in the user's browser.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
Workaround
|
A flaw was found in Netty. The HttpProxyHandler component, which handles HTTP CONNECT requests, does not properly validate user-provided outbound headers. This allows an attacker to inject arbitrary HTTP headers into the CONNECT request sent to the proxy server. This could lead to unexpected behavior or potential bypass of security controls on the proxy server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
A flaw was found in Netty. Netty's DNS (Domain Name System) codec does not properly enforce domain name constraints as defined in RFC 1035 during both encoding and decoding processes. This vulnerability allows a remote attacker to exploit the decoder using malicious DNS responses or exploit the encoder through user-influenced hostnames, leading to a high integrity impact on the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
Workaround
|
A flaw was found in Netty's HttpObjectDecoder. A remote attacker can exploit this by sending a specially crafted HTTP/1.0 request that includes both `Transfer-Encoding: chunked` and `Content-Length` headers. While Netty correctly strips the conflicting `Content-Length` header for HTTP/1.1 messages, this guard is absent for HTTP/1.0. This can lead to HTTP request smuggling, where downstream proxies or handlers may misinterpret message boundaries, potentially allowing an attacker to bypass security controls or access unauthorized information.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
Workaround
|
A flaw was found in Netty, an asynchronous, event-driven network application framework. A remote attacker can exploit this vulnerability by sending a specially crafted LZ4 compressed data stream. This can cause the Lz4FrameDecoder to allocate a large amount of memory (up to 32 MB per block) before the LZ4 decompression runs, leading to excessive memory consumption and a denial of service (DoS) for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
Workaround
|
A flaw was found in Netty, an asynchronous, event-driven network application framework. A remote attacker could exploit this vulnerability by sending a specific sequence of HTTP responses (103, followed by a 200 with a GET body, then another 200 for a HEAD request) when the client pipelines GET then HEAD requests. This can cause the HttpClientCodec to incorrectly pair responses, leading to subsequent HTTP responses being parsed from the wrong offset. This issue may result in information disclosure or other data integrity problems due to misinterpretation of network traffic.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
A flaw was found in Netty. A remote attacker can bypass the configured decompression limit in the HttpContentDecompressor by sending a specially crafted compressed payload using Brotli (br), Zstandard (zstd), or Snappy content encodings. This can lead to unbounded memory allocation, resulting in an out-of-memory Denial of Service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
Workaround
|
A flaw was found in netty-handler, a component of the Netty network application framework. A remote attacker can exploit an incorrect masking operation in the IpSubnetFilterRule.compareTo() function to bypass configured IPv6 subnet rules. This allows valid public IP addresses to circumvent intended network restrictions, potentially leading to unauthorized access or exposure of services.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
Workaround
|
A flaw was found in Axios, a promise-based HTTP client, specifically in its Node.js HTTP adapter. When Axios is configured to use an authenticated proxy and follows a redirect, it may inadvertently send the Proxy-Authorization header, containing proxy credentials, to the redirect target. This can lead to the disclosure of sensitive proxy credentials to an unintended remote server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
Workaround
|
A flaw was found in Axios. During specific proxy-to-direct redirect flows in the Node.js HTTP adapter, a remote attacker could exploit this vulnerability. The Proxy-Authorization header, which contains proxy credentials and is intended only for the outbound proxy, may be forwarded to the final redirected origin. This can lead to the disclosure of sensitive proxy credentials to an unintended third party.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
Workaround
|
A flaw was found in Axios, a promise-based HTTP client. When using the fetch adapter, Axios did not properly enforce configured request and response size limits. This vulnerability allows a remote attacker, through a malicious or compromised server, or by supplying a large data URL, to send or receive oversized data bodies. This can lead to resource exhaustion in server-side applications, resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
Workaround
|
A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not properly normalize IPv4-mapped IPv6 addresses. When a NO_PROXY setting is configured to block direct access to specific IPv4 addresses, an attacker can bypass this restriction by using the IPv4-mapped IPv6 form of the address in a request URL. This allows the request to be routed through the proxy, potentially exposing internal services or sensitive information that should otherwise be inaccessible.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
Workaround
|
A flaw was found in Axios. This vulnerability, a Prototype Pollution "Gadget" attack, allows an attacker to escalate any existing Object.prototype pollution in an application's dependency tree into a full Man-in-the-Middle (MITM) attack. This enables the attacker to intercept, read, and modify all HTTP traffic, including sensitive authentication credentials. The flaw occurs because the `config.proxy` setting is susceptible to prototype pollution, allowing an attacker to inject a malicious proxy server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
Workaround
|
A flaw was found in Axios, a promise-based HTTP client. This vulnerability involves prototype pollution gadgets in the request configuration processing. If another vulnerability has already polluted the Object.prototype.transformResponse, affected Axios versions may incorrectly interpret this inherited value as part of the request configuration or as an option validator. Axios does not itself create the prototype pollution. Exploitability requires a separate prototype-pollution vulnerability or equivalent attacker control over Object.prototype before Axios creates a request.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
Workaround
|
A flaw was found in Axios. A remote attacker, by influencing the XSRF cookie name in a browser environment, could cause the application to construct a regular expression that leads to excessive processing. This can result in a client-side Denial of Service (DoS), where the affected browser tab may freeze, impacting the availability of the application for the user.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
Workaround
|
A flaw was found in Traefik. A low-privileged tenant with HTTPRoute creation permissions in Traefik's Kubernetes Gateway API provider can bypass security settings. This allows the tenant to expose the REST provider handler and gain live dynamic configuration write access to Traefik. This vulnerability enables unauthorized reconfiguration of routers and services, potentially leading to privilege escalation within the system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
Workaround
|
A flaw was found in netty-codec-haproxy, a component of the Netty network application framework. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy message with a malformed PP2_TYPE_SSL TLV (Type-Length-Value) header. This can lead to an IndexOutOfBoundsException and prevent the release of retained memory, ultimately causing a Denial of Service (DoS) condition for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
Workaround
|
A flaw was found in OpenTelemetry Java, specifically within the baggage propagation implementation of opentelemetry-api and opentelemetry-extension-trace-propagators. A remote attacker can exploit this vulnerability by sending oversized baggage, which leads to unbounded memory allocation and high CPU consumption. This can result in a Denial of Service (DoS) for the affected service. Furthermore, because baggage is automatically re-injected into outgoing requests, the impact can spread to other downstream services.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
A flaw was found in ws, an open source WebSocket client and server for Node.js. The `websocket.close()` implementation is vulnerable to uninitialized memory disclosure when a `TypedArray` is passed as the reason argument. This can lead to the disclosure of sensitive information from uninitialized memory.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
A flaw was found in golang.org/x/crypto/ssh. Source-address validation can be skipped when an SSH server configuration uses an authentication callback type other than public key, allowing authorization bypass in misconfigured servers. This is a follow-on to incomplete coverage from the CVE-2024-45337 fix.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
Workaround
|
A flaw was found in netty-codec-http2. A remote attacker could send specially crafted frames that cause a resource leak within the `DelegatingDecompressorFrameListener` class. This resource leak could lead to an Out Of Memory Error (OOME), potentially causing a Denial of Service (DoS) by taking down the entire Java Virtual Machine (JVM).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
Workaround
|
A flaw was found in the Netty HAProxy PROXY protocol v2 codec. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy PROXY protocol v2 header with nested `PP2_TYPE_SSL` type-length-value (TLV) records. This can lead to a memory leak, causing the underlying cumulation buffer to remain permanently pinned and potentially resulting in a Denial of Service (DoS) due to resource exhaustion.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
Workaround
|
A flaw was found in ws, an open source WebSocket client and server. A remote attacker can exploit this memory exhaustion vulnerability by sending a high volume of exceptionally small fragments and data chunks. This action forces the affected component to allocate and hold structural wrappers that consume excessive memory. Consequently, this leads to process termination and a denial of service (DoS) for the remote peer.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
Workaround
|
A flaw was found in Quarkus. A remote attacker could bypass HTTP path-based authorization policies by using specially crafted encoded semicolons, slashes, or backslashes in HTTP requests. This could allow unauthorized access to protected static resources, leading to information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Dev Spaces 3.29.0 has been released.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development.\nThe 3.29 release is based on Eclipse Che 7.119 and uses the DevWorkspace engine to provide support for workspaces based on devfile v2.1 and v2.2.\nUsers still using the v1 standard should migrate as soon as possible.\nhttps://devfile.io/docs/2.2.0/migrating-to-devfile-v2\nDev Spaces supports OpenShift EUS releases v4.16 and higher. Users are expected to update to supported OpenShift releases in order to continue to get Dev Spaces updates.\nhttps://access.redhat.com/support/policy/updates/openshift#crw",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:36820",
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_openshift_dev_spaces/3.29/html/administration_guide/installing-devspaces",
"url": "https://access.redhat.com/documentation/en-us/red_hat_openshift_dev_spaces/3.29/html/administration_guide/installing-devspaces"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-12151",
"url": "https://access.redhat.com/security/cve/CVE-2026-12151"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-12856",
"url": "https://access.redhat.com/security/cve/CVE-2026-12856"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39821",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39829",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42338",
"url": "https://access.redhat.com/security/cve/CVE-2026-42338"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42578",
"url": "https://access.redhat.com/security/cve/CVE-2026-42578"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42579",
"url": "https://access.redhat.com/security/cve/CVE-2026-42579"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42581",
"url": "https://access.redhat.com/security/cve/CVE-2026-42581"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42583",
"url": "https://access.redhat.com/security/cve/CVE-2026-42583"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42584",
"url": "https://access.redhat.com/security/cve/CVE-2026-42584"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42587",
"url": "https://access.redhat.com/security/cve/CVE-2026-42587"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44249",
"url": "https://access.redhat.com/security/cve/CVE-2026-44249"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44486",
"url": "https://access.redhat.com/security/cve/CVE-2026-44486"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44487",
"url": "https://access.redhat.com/security/cve/CVE-2026-44487"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44488",
"url": "https://access.redhat.com/security/cve/CVE-2026-44488"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44492",
"url": "https://access.redhat.com/security/cve/CVE-2026-44492"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44494",
"url": "https://access.redhat.com/security/cve/CVE-2026-44494"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44495",
"url": "https://access.redhat.com/security/cve/CVE-2026-44495"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44496",
"url": "https://access.redhat.com/security/cve/CVE-2026-44496"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44774",
"url": "https://access.redhat.com/security/cve/CVE-2026-44774"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44893",
"url": "https://access.redhat.com/security/cve/CVE-2026-44893"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-45292",
"url": "https://access.redhat.com/security/cve/CVE-2026-45292"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-45736",
"url": "https://access.redhat.com/security/cve/CVE-2026-45736"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-46595",
"url": "https://access.redhat.com/security/cve/CVE-2026-46595"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-48043",
"url": "https://access.redhat.com/security/cve/CVE-2026-48043"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-48059",
"url": "https://access.redhat.com/security/cve/CVE-2026-48059"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-48779",
"url": "https://access.redhat.com/security/cve/CVE-2026-48779"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-50559",
"url": "https://access.redhat.com/security/cve/CVE-2026-50559"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-6734",
"url": "https://access.redhat.com/security/cve/CVE-2026-6734"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-9697",
"url": "https://access.redhat.com/security/cve/CVE-2026-9697"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_36820.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.29.0 Release.",
"tracking": {
"current_release_date": "2026-07-12T19:34:46+00:00",
"generator": {
"date": "2026-07-12T19:34:46+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:36820",
"initial_release_date": "2026-07-08T17:12:17+00:00",
"revision_history": [
{
"date": "2026-07-08T17:12:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-08T17:12:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-12T19:34:46+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Dev Spaces 3.29",
"product": {
"name": "Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_devspaces:3.29::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Dev Spaces"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"product": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256%3A7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/code-rhel9\u0026tag=1782498475"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"product": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"product_id": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"product_identification_helper": {
"purl": "pkg:oci/code-sshd-rhel9@sha256%3A8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/code-sshd-rhel9\u0026tag=1782497670"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"product": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256%3Ab5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/configbump-rhel9\u0026tag=1782403514"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"product": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256%3A137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/dashboard-rhel9\u0026tag=1782498792"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"product": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256%3A077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/imagepuller-rhel9\u0026tag=1782403262"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"product": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"product_id": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3A6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/jetbrains-ide-rhel9\u0026tag=1783093088"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"product": {
"name": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"product_id": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-redirector-rhel9@sha256%3A5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/multicluster-redirector-rhel9\u0026tag=1782989027"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"product": {
"name": "registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"product_id": "registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oauth2-proxy-rhel9@sha256%3A9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/oauth2-proxy-rhel9\u0026tag=1782487406"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"product": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openvsx-rhel9@sha256%3Ac05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/openvsx-rhel9\u0026tag=1783007534"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"product": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256%3A091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/devspaces-rhel9-operator\u0026tag=1782403611"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"product": {
"name": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"product_id": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-operator-bundle@sha256%3A6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/devspaces-operator-bundle\u0026tag=1783094587"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"product": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256%3Afdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/pluginregistry-rhel9\u0026tag=1782989367"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"product": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256%3Afcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/server-rhel9\u0026tag=1783033397"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"product": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256%3A11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/traefik-rhel9\u0026tag=1782403274"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"product": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256%3A6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/udi-rhel9\u0026tag=1782991491"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel10@sha256%3Ad0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/udi-base-rhel10\u0026tag=1782987430"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel9@sha256%3A06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/udi-base-rhel9\u0026tag=1782987705"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"product": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256%3A844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/code-rhel9\u0026tag=1782498475"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"product": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"product_id": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"product_identification_helper": {
"purl": "pkg:oci/code-sshd-rhel9@sha256%3Ae8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/code-sshd-rhel9\u0026tag=1782497670"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"product": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256%3A45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/configbump-rhel9\u0026tag=1782403514"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"product": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256%3A71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/dashboard-rhel9\u0026tag=1782498792"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"product": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256%3A8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/imagepuller-rhel9\u0026tag=1782403262"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"product": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"product_id": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3Aaa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/jetbrains-ide-rhel9\u0026tag=1783093088"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"product": {
"name": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"product_id": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-redirector-rhel9@sha256%3A141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/multicluster-redirector-rhel9\u0026tag=1782989027"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"product": {
"name": "registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"product_id": "registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oauth2-proxy-rhel9@sha256%3A823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/oauth2-proxy-rhel9\u0026tag=1782487406"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"product": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openvsx-rhel9@sha256%3A8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/openvsx-rhel9\u0026tag=1783007534"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"product": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256%3A5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/devspaces-rhel9-operator\u0026tag=1782403611"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"product": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256%3A2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/pluginregistry-rhel9\u0026tag=1782989367"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"product": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256%3Aa107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/server-rhel9\u0026tag=1783033397"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"product": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256%3A4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/traefik-rhel9\u0026tag=1782403274"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"product": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256%3A07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/udi-rhel9\u0026tag=1782991491"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel10@sha256%3Ae99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/udi-base-rhel10\u0026tag=1782987430"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel9@sha256%3Ad086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/udi-base-rhel9\u0026tag=1782987705"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256%3Ae1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/code-rhel9\u0026tag=1782498475"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"product_id": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/code-sshd-rhel9@sha256%3A926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/code-sshd-rhel9\u0026tag=1782497670"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256%3A768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/configbump-rhel9\u0026tag=1782403514"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256%3A881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/dashboard-rhel9\u0026tag=1782498792"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256%3A66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/imagepuller-rhel9\u0026tag=1782403262"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"product_id": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3Abf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/jetbrains-ide-rhel9\u0026tag=1783093088"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"product_id": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-redirector-rhel9@sha256%3Ad55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/multicluster-redirector-rhel9\u0026tag=1782989027"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"product_id": "registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oauth2-proxy-rhel9@sha256%3A0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/oauth2-proxy-rhel9\u0026tag=1782487406"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openvsx-rhel9@sha256%3A981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/openvsx-rhel9\u0026tag=1783007534"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256%3A89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/devspaces-rhel9-operator\u0026tag=1782403611"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256%3A81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/pluginregistry-rhel9\u0026tag=1782989367"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256%3Ae21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/server-rhel9\u0026tag=1783033397"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256%3A6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/traefik-rhel9\u0026tag=1782403274"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256%3A75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/udi-rhel9\u0026tag=1782991491"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel10@sha256%3A72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/udi-base-rhel10\u0026tag=1782987430"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel9@sha256%3Aacd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/udi-base-rhel9\u0026tag=1782987705"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"product": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256%3A1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90?arch=arm64\u0026repository_url=registry.redhat.io/devspaces/code-rhel9\u0026tag=1782498475"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"product": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"product_id": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/code-sshd-rhel9@sha256%3Af2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c?arch=arm64\u0026repository_url=registry.redhat.io/devspaces/code-sshd-rhel9\u0026tag=1782497670"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"product": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256%3A6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1?arch=arm64\u0026repository_url=registry.redhat.io/devspaces/configbump-rhel9\u0026tag=1782403514"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"product": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256%3A1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986?arch=arm64\u0026repository_url=registry.redhat.io/devspaces/dashboard-rhel9\u0026tag=1782498792"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"product": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256%3Ab0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac?arch=arm64\u0026repository_url=registry.redhat.io/devspaces/imagepuller-rhel9\u0026tag=1782403262"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"product": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"product_id": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3A62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640?arch=arm64\u0026repository_url=registry.redhat.io/devspaces/jetbrains-ide-rhel9\u0026tag=1783093088"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"product": {
"name": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"product_id": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-redirector-rhel9@sha256%3A6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53?arch=arm64\u0026repository_url=registry.redhat.io/devspaces/multicluster-redirector-rhel9\u0026tag=1782989027"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"product": {
"name": "registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"product_id": "registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oauth2-proxy-rhel9@sha256%3A93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487?arch=arm64\u0026repository_url=registry.redhat.io/devspaces/oauth2-proxy-rhel9\u0026tag=1782487406"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"product": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openvsx-rhel9@sha256%3Aaf3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348?arch=arm64\u0026repository_url=registry.redhat.io/devspaces/openvsx-rhel9\u0026tag=1783007534"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"product": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256%3A0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad?arch=arm64\u0026repository_url=registry.redhat.io/devspaces/devspaces-rhel9-operator\u0026tag=1782403611"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"product": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256%3A2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4?arch=arm64\u0026repository_url=registry.redhat.io/devspaces/pluginregistry-rhel9\u0026tag=1782989367"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"product": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256%3A856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de?arch=arm64\u0026repository_url=registry.redhat.io/devspaces/server-rhel9\u0026tag=1783033397"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"product": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256%3Ac18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e?arch=arm64\u0026repository_url=registry.redhat.io/devspaces/traefik-rhel9\u0026tag=1782403274"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64",
"product": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64",
"product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256%3Af0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b?arch=arm64\u0026repository_url=registry.redhat.io/devspaces/udi-rhel9\u0026tag=1782991491"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel10@sha256%3A33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c?arch=arm64\u0026repository_url=registry.redhat.io/devspaces/udi-base-rhel10\u0026tag=1782987430"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel9@sha256%3A25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3?arch=arm64\u0026repository_url=registry.redhat.io/devspaces/udi-base-rhel9\u0026tag=1782987705"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64"
},
"product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64"
},
"product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x"
},
"product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64"
},
"product_reference": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x"
},
"product_reference": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64"
},
"product_reference": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x"
},
"product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64"
},
"product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64"
},
"product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64"
},
"product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64"
},
"product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x"
},
"product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64"
},
"product_reference": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64"
},
"product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64"
},
"product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x"
},
"product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64"
},
"product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x"
},
"product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64"
},
"product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64"
},
"product_reference": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64"
},
"product_reference": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x"
},
"product_reference": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x"
},
"product_reference": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64"
},
"product_reference": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64"
},
"product_reference": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x"
},
"product_reference": "registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64"
},
"product_reference": "registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64"
},
"product_reference": "registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x"
},
"product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64"
},
"product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64"
},
"product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x"
},
"product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64"
},
"product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64"
},
"product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64"
},
"product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x"
},
"product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64"
},
"product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64"
},
"product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x"
},
"product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64"
},
"product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x"
},
"product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64"
},
"product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64 as a component of Red Hat OpenShift Dev Spaces 3.29",
"product_id": "Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
},
"product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.29"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-6734",
"cwe": {
"id": "CWE-940",
"name": "Improper Verification of Source of a Communication Channel"
},
"discovery_date": "2026-06-17T19:04:00.272340+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2490024"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. When using Socks5ProxyAgent, undici incorrectly reuses a single connection pool across different origins. This can lead to cross-origin request routing, where sensitive credentials and data intended for one destination are sent to another. Consequently, responses from unintended origins may be trusted, and secure HTTPS connections could be silently downgraded to unencrypted HTTP, resulting in information disclosure and data integrity issues.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Information disclosure and data integrity issues due to incorrect Socks5ProxyAgent connection routing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is rated as an Important security flaw. The `undici` library, when configured with `Socks5ProxyAgent` to handle requests for multiple origins, incorrectly reuses connection pools. This can lead to sensitive data and credentials being misrouted to unintended destinations, potentially downgrading HTTPS connections to HTTP and compromising data integrity and confidentiality. Red Hat products utilizing `undici` with `Socks5ProxyAgent` in multi-origin scenarios are affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-6734"
},
{
"category": "external",
"summary": "RHBZ#2490024",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2490024"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-6734",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6734"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-6734",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6734"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-hm92-r4w5-c3mj",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-hm92-r4w5-c3mj"
}
],
"release_date": "2026-06-17T16:36:55.439000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "workaround",
"details": "The single most impactful mitigation is applying network egress controls to restrict which external destinations affected applications can reach. Because the vulnerability causes requests to be misrouted to wrong origins, limiting the set of reachable origins directly reduces the attack surface. These controls collectively limit the blast radius of the connection pool misrouting \u2014 the attacker must compromise one of the explicitly allowed destinations rather than any arbitrary origin \u2014 but they do not fix the underlying logic bug.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Information disclosure and data integrity issues due to incorrect Socks5ProxyAgent connection routing"
},
{
"cve": "CVE-2026-9697",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-06-17T19:03:30.813843+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2490018"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. When undici\u0027s ProxyAgent is configured with a SOCKS5 proxy Uniform Resource Identifier (URI), it silently ignores Transport Layer Security (TLS) options, such as custom Certificate Authorities (CAs). This allows a remote attacker to perform a Man-in-the-Middle (MITM) attack, intercepting and tampering with HTTPS communications. The connection falls back to Node.js\u0027s default trust store, bypassing intended security configurations and potentially leading to information disclosure or arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Man-in-the-Middle attack via ignored TLS options with SOCKS5 proxy",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important vulnerability. Applications using `undici`\u0027s `ProxyAgent` with a SOCKS5 proxy URI will silently ignore user-configured TLS options, including custom Certificate Authorities. This bypasses intended security controls for HTTPS communication, enabling a remote attacker to perform Man-in-the-Middle attacks, potentially leading to information disclosure or arbitrary code execution in affected Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-9697"
},
{
"category": "external",
"summary": "RHBZ#2490018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2490018"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-9697",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9697"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9697",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9697"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-vmh5-mc38-953g",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-vmh5-mc38-953g"
}
],
"release_date": "2026-06-17T16:46:42.706000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Man-in-the-Middle attack via ignored TLS options with SOCKS5 proxy"
},
{
"cve": "CVE-2026-12151",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-06-17T17:01:45.297604+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2489980"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A malicious WebSocket server can exploit this by streaming numerous small or empty continuation frames. This can bypass per-frame and cumulative-size validation, leading to unbounded memory growth in the client process. The primary consequence is memory exhaustion, resulting in a denial of service (DoS) for affected applications using the undici WebSocket client or WebSocketStream API.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service due to unbounded memory growth via WebSocket frames",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important denial of service flaw in the `undici` WebSocket client allows a remote attacker to cause unbounded memory growth. By sending numerous small or empty WebSocket frames, an unauthenticated attacker can exhaust system memory, leading to a denial of service in Red Hat products that use the affected client.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-12151"
},
{
"category": "external",
"summary": "RHBZ#2489980",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2489980"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-12151",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-12151"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-12151",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12151"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-vxpw-j846-p89q",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-vxpw-j846-p89q"
}
],
"release_date": "2026-06-17T16:05:38.785000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service due to unbounded memory growth via WebSocket frames"
},
{
"acknowledgments": [
{
"names": [
"byte256"
]
}
],
"cve": "CVE-2026-12856",
"cwe": {
"id": "CWE-88",
"name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
},
"discovery_date": "2026-06-20T17:33:27+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2491278"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the vscode-java extension, which provides Java language support for Visual Studio Code. The extension incorrectly trusts all Markdown content in JavaDoc hovers, allowing a malicious Java file to include hidden commands. If a user clicks a specially crafted link within a JavaDoc hover popup, an attacker can execute arbitrary VS Code commands, which can lead to full system compromise in trusted workspaces.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vscode-java: vscode: Command Injection vulnerability in the JavaDoc hover provider of the vscode-java extension",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has assessed the severity of this vulnerability as Important, given that it requires a user to open a malicious Java source file and interact with a hover popup. Successful exploitation allows an attacker to execute arbitrary commands within the context of the VS Code editor and potentially the underlying operating system. The vulnerability\u0027s root cause is the over-trusting of Markdown content returned by the Java language server, which fails to isolate extension-generated trusted links from attacker-controlled JavaDoc content.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-12856"
},
{
"category": "external",
"summary": "RHBZ#2491278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2491278"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-12856",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-12856"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-12856",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12856"
},
{
"category": "external",
"summary": "https://github.com/redhat-developer/vscode-java/security/advisories/GHSA-7qv8-6qrw-3crv",
"url": "https://github.com/redhat-developer/vscode-java/security/advisories/GHSA-7qv8-6qrw-3crv"
}
],
"release_date": "2026-06-29T12:25:07.165000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid opening or interacting with untrusted Java projects or files within Red Hat OpenShift Dev Spaces. Exercise caution and refrain from clicking on unfamiliar links presented in JavaDoc hover popups, particularly when working with code from unverified sources. Disabling the `vscode-java` extension when not actively engaged in Java development can further reduce exposure, though this will impact Java-related functionality.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vscode-java: vscode: Command Injection vulnerability in the JavaDoc hover provider of the vscode-java extension"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
},
{
"cve": "CVE-2026-39821",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-05-22T16:00:52.844126+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480756"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "golang.org/x/net/idna is vulnerable to privilege escalation through incorrect Punycode label handling in ToASCII and ToUnicode. An attacker who can supply a Punycode hostname that passes an ASCII-only authorization check may have it normalized to a restricted ASCII name the application intended to block. Red Hat exposure is broad across products shipping the Go toolchain or bundling golang.org/x/net, including RHEL and RHEL-AI golang RPMs, hummingbird Go runtimes, OpenShift and ODF container builds, and Ceph/OpenShift components compiled against affected x/net versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "RHBZ#2480756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480756"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39821",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39821"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://go.dev/cl/767220",
"url": "https://go.dev/cl/767220"
},
{
"category": "external",
"summary": "https://go.dev/issue/78760",
"url": "https://go.dev/issue/78760"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5026",
"url": "https://pkg.go.dev/vuln/GO-2026-5026"
}
],
"release_date": "2026-05-22T15:01:21.462000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "workaround",
"details": "Upgrade to a fixed golang.org/x/net release that includes the idna correction, via updated golang or dependent package rebuilds.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing"
},
{
"cve": "CVE-2026-39829",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-05-22T04:01:30.092249+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480681"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in golang.org/x/crypto/ssh is rated as Important. An unauthenticated remote attacker could trigger a denial of service by providing a specially crafted public key with excessively large parameters during SSH public key authentication. This could lead to prolonged CPU consumption on the server, impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "RHBZ#2480681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39829",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39829"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://go.dev/cl/781641",
"url": "https://go.dev/cl/781641"
},
{
"category": "external",
"summary": "https://go.dev/cl/781661",
"url": "https://go.dev/cl/781661"
},
{
"category": "external",
"summary": "https://go.dev/issue/79565",
"url": "https://go.dev/issue/79565"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5018",
"url": "https://pkg.go.dev/vuln/GO-2026-5018"
}
],
"release_date": "2026-05-22T02:31:27.324000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters"
},
{
"cve": "CVE-2026-42338",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-05-12T21:01:14.436876+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2476810"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ip-address, a JavaScript library for parsing and manipulating IPv4 and IPv6 addresses. This vulnerability allows a remote attacker to perform cross-site scripting (XSS) by providing untrusted input to the Address6 constructor. When an application renders the output of Address6.group(), Address6.link(), or the AddressError.parseMessage as HTML without proper escaping, the attacker-controlled content can be executed in the user\u0027s browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in the `ip-address` JavaScript library is rated as Important. It allows for cross-site scripting (XSS) when an application processes untrusted input through the `Address6` constructor and subsequently renders the unescaped output of methods like `Address6.group()`, `Address6.link()`, or `AddressError.parseMessage` directly as HTML. While the library itself is affected, exploitation is contingent on specific application-level rendering practices that may not be common in Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42338"
},
{
"category": "external",
"summary": "RHBZ#2476810",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2476810"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42338",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42338"
},
{
"category": "external",
"summary": "https://github.com/beaugunderson/ip-address/security/advisories/GHSA-v2v4-37r5-5v8g",
"url": "https://github.com/beaugunderson/ip-address/security/advisories/GHSA-v2v4-37r5-5v8g"
}
],
"release_date": "2026-05-12T19:43:16.470000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input"
},
{
"cve": "CVE-2026-42578",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2026-05-13T19:02:00.826936+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477226"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. The HttpProxyHandler component, which handles HTTP CONNECT requests, does not properly validate user-provided outbound headers. This allows an attacker to inject arbitrary HTTP headers into the CONNECT request sent to the proxy server. This could lead to unexpected behavior or potential bypass of security controls on the proxy server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: io.netty/netty-handler-proxy: Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42578"
},
{
"category": "external",
"summary": "RHBZ#2477226",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477226"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42578",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42578"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42578",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42578"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-45q3-82m4-75jr",
"url": "https://github.com/netty/netty/security/advisories/GHSA-45q3-82m4-75jr"
}
],
"release_date": "2026-05-13T17:57:43.538000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: io.netty/netty-handler-proxy: Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation"
},
{
"cve": "CVE-2026-42579",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-05-13T19:01:25.062732+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477217"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. Netty\u0027s DNS (Domain Name System) codec does not properly enforce domain name constraints as defined in RFC 1035 during both encoding and decoding processes. This vulnerability allows a remote attacker to exploit the decoder using malicious DNS responses or exploit the encoder through user-influenced hostnames, leading to a high integrity impact on the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important integrity flaw in Netty\u0027s DNS codec. The vulnerability arises from insufficient enforcement of RFC 1035 domain name constraints during both encoding and decoding, allowing remote attackers to manipulate DNS responses or user-controlled hostnames. This could lead to a high integrity impact on affected Red Hat products that utilize the vulnerable Netty DNS codec.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42579"
},
{
"category": "external",
"summary": "RHBZ#2477217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477217"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42579",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42579"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42579",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42579"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-cm33-6792-r9fm",
"url": "https://github.com/netty/netty/security/advisories/GHSA-cm33-6792-r9fm"
}
],
"release_date": "2026-05-13T18:01:52.500000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement"
},
{
"cve": "CVE-2026-42581",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-05-13T19:02:26.404511+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477232"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty\u0027s HttpObjectDecoder. A remote attacker can exploit this by sending a specially crafted HTTP/1.0 request that includes both `Transfer-Encoding: chunked` and `Content-Length` headers. While Netty correctly strips the conflicting `Content-Length` header for HTTP/1.1 messages, this guard is absent for HTTP/1.0. This can lead to HTTP request smuggling, where downstream proxies or handlers may misinterpret message boundaries, potentially allowing an attacker to bypass security controls or access unauthorized information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw. Netty\u0027s HttpObjectDecoder, used across various Red Hat products, improperly handles conflicting `Transfer-Encoding: chunked` and `Content-Length` headers in HTTP/1.0 requests. This allows a remote attacker to perform HTTP request smuggling, potentially bypassing security controls or gaining unauthorized access to information due to misinterpretation of message boundaries by downstream proxies or handlers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42581"
},
{
"category": "external",
"summary": "RHBZ#2477232",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477232"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42581",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42581"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42581",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42581"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9",
"url": "https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9"
}
],
"release_date": "2026-05-13T17:54:44.492000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "workaround",
"details": "To mitigate this issue, configure any reverse proxies or load balancers in front of Netty to either reject HTTP/1.0 requests containing both Transfer-Encoding: chunked and Content-Length headers, or to explicitly prioritize the Transfer-Encoding header over Content-Length for HTTP/1.0 traffic. This ensures consistent interpretation of message boundaries and prevents request smuggling attacks.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers"
},
{
"cve": "CVE-2026-42583",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-05-13T19:01:32.498598+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477219"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, an asynchronous, event-driven network application framework. A remote attacker can exploit this vulnerability by sending a specially crafted LZ4 compressed data stream. This can cause the Lz4FrameDecoder to allocate a large amount of memory (up to 32 MB per block) before the LZ4 decompression runs, leading to excessive memory consumption and a denial of service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: io.netty/netty-codec-compression: io.netty/netty-codec: Netty: Denial of Service via excessive memory allocation in LZ4FrameDecoder",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A flaw was found in Netty\u0027s LZ4FrameDecoder. The decoder allocates a buffer based on the decompressed length from the LZ4 frame header (up to 32 MB per block) before decompression runs. A remote attacker can send a small crafted LZ4 header (as few as 22 bytes) to force excessive memory allocation, leading to a denial of service. Red Hat products that use Netty with LZ4 compression enabled are affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42583"
},
{
"category": "external",
"summary": "RHBZ#2477219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477219"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42583",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42583"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42583",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42583"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-mj4r-2hfc-f8p6",
"url": "https://github.com/netty/netty/security/advisories/GHSA-mj4r-2hfc-f8p6"
}
],
"release_date": "2026-05-13T18:09:19.817000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: io.netty/netty-codec-compression: io.netty/netty-codec: Netty: Denial of Service via excessive memory allocation in LZ4FrameDecoder"
},
{
"cve": "CVE-2026-42584",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-05-13T19:01:51.846351+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477224"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, an asynchronous, event-driven network application framework. A remote attacker could exploit this vulnerability by sending a specific sequence of HTTP responses (103, followed by a 200 with a GET body, then another 200 for a HEAD request) when the client pipelines GET then HEAD requests. This can cause the HttpClientCodec to incorrectly pair responses, leading to subsequent HTTP responses being parsed from the wrong offset. This issue may result in information disclosure or other data integrity problems due to misinterpretation of network traffic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A flaw in Netty\u0027s HttpClientCodec allows a remote attacker to cause data confusion. By sending a specially crafted sequence of HTTP responses, an attacker can cause subsequent HTTP responses to be parsed incorrectly, potentially leading to information disclosure or data integrity issues in applications utilizing Netty for HTTP client operations. This vulnerability affects various Red Hat products that bundle Netty, including Red Hat AMQ, Enterprise Application Platform, Red Hat Build of Quarkus, and Red Hat Build of Keycloak.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42584"
},
{
"category": "external",
"summary": "RHBZ#2477224",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477224"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42584",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42584"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42584",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42584"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-57rv-r2g8-2cj3",
"url": "https://github.com/netty/netty/security/advisories/GHSA-57rv-r2g8-2cj3"
}
],
"release_date": "2026-05-13T18:10:48.437000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion"
},
{
"cve": "CVE-2026-42587",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-05-13T19:01:35.415881+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477220"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. A remote attacker can bypass the configured decompression limit in the HttpContentDecompressor by sending a specially crafted compressed payload using Brotli (br), Zstandard (zstd), or Snappy content encodings. This can lead to unbounded memory allocation, resulting in an out-of-memory Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in Netty\u0027s HTTP content decompression. A remote attacker can exploit this flaw by sending specially crafted compressed payloads using Brotli, Zstandard, or Snappy encodings, bypassing configured decompression limits. This leads to unbounded memory allocation, potentially causing an out-of-memory condition and rendering affected Red Hat systems unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42587"
},
{
"category": "external",
"summary": "RHBZ#2477220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477220"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42587",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42587"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42587",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42587"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv"
}
],
"release_date": "2026-05-13T18:22:21.699000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression"
},
{
"cve": "CVE-2026-44249",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"discovery_date": "2026-06-11T22:02:05.327173+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488081"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in netty-handler, a component of the Netty network application framework. A remote attacker can exploit an incorrect masking operation in the IpSubnetFilterRule.compareTo() function to bypass configured IPv6 subnet rules. This allows valid public IP addresses to circumvent intended network restrictions, potentially leading to unauthorized access or exposure of services.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in netty-handler is rated as Important because a remote attacker can bypass configured IPv6 subnet filtering rules. This flaw, stemming from an incorrect masking operation, could allow unauthorized access to or exposure of services that are intended to be network-restricted within Red Hat products utilizing the affected Netty component.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44249"
},
{
"category": "external",
"summary": "RHBZ#2488081",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488081"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44249",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44249"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44249",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44249"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-3qp7-7mw8-wx86",
"url": "https://github.com/netty/netty/security/advisories/GHSA-3qp7-7mw8-wx86"
}
],
"release_date": "2026-06-11T20:46:14.110000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation"
},
{
"cve": "CVE-2026-44486",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2026-06-11T17:01:30.944384+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487947"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client, specifically in its Node.js HTTP adapter. When Axios is configured to use an authenticated proxy and follows a redirect, it may inadvertently send the Proxy-Authorization header, containing proxy credentials, to the redirect target. This can lead to the disclosure of sensitive proxy credentials to an unintended remote server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Information disclosure of proxy credentials via HTTP redirects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important information disclosure flaw in the Axios Node.js HTTP adapter. Red Hat products utilizing Axios in a Node.js environment with an authenticated proxy and automatic redirects enabled are susceptible. The vulnerability arises when a request, initially sent through an authenticated proxy, is redirected to a target that no longer uses the proxy, potentially leaking `Proxy-Authorization` headers containing sensitive credentials to an untrusted remote server. This risk is heightened in deployments where applications interact with untrusted HTTP origins.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44486"
},
{
"category": "external",
"summary": "RHBZ#2487947",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487947"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44486",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44486"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44486",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44486"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-j5f8-grm9-p9fc",
"url": "https://github.com/axios/axios/security/advisories/GHSA-j5f8-grm9-p9fc"
}
],
"release_date": "2026-06-11T15:39:07.714000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Information disclosure of proxy credentials via HTTP redirects"
},
{
"cve": "CVE-2026-44487",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2026-06-11T17:01:34.091476+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487948"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios. During specific proxy-to-direct redirect flows in the Node.js HTTP adapter, a remote attacker could exploit this vulnerability. The Proxy-Authorization header, which contains proxy credentials and is intended only for the outbound proxy, may be forwarded to the final redirected origin. This can lead to the disclosure of sensitive proxy credentials to an unintended third party.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Information disclosure of proxy credentials via redirect flows",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important information disclosure flaw in Axios affecting Node.js environments. When an application uses Axios with an authenticated HTTP proxy and follows redirects from an HTTP to a non-proxied HTTPS destination, the Proxy-Authorization header may be inadvertently sent to the final origin server. This could lead to the exposure of sensitive proxy credentials to an unintended third party.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44487"
},
{
"category": "external",
"summary": "RHBZ#2487948",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487948"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44487"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-p92q-9vqr-4j8v",
"url": "https://github.com/axios/axios/security/advisories/GHSA-p92q-9vqr-4j8v"
}
],
"release_date": "2026-06-11T15:38:25.150000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Information disclosure of proxy credentials via redirect flows"
},
{
"cve": "CVE-2026-44488",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-06-11T17:01:36.836488+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487949"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. When using the fetch adapter, Axios did not properly enforce configured request and response size limits. This vulnerability allows a remote attacker, through a malicious or compromised server, or by supplying a large data URL, to send or receive oversized data bodies. This can lead to resource exhaustion in server-side applications, resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Denial of Service due to unenforced request and response size limits",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A denial of service flaw was found in Axios, a JavaScript HTTP client library. This issue arises when applications utilize the `fetch` adapter, as configured request and response size limits are not properly enforced. A remote attacker could exploit this by sending or receiving excessively large data bodies, leading to resource exhaustion and potential denial of service in affected server-side applications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44488"
},
{
"category": "external",
"summary": "RHBZ#2487949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44488",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44488"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44488",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44488"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-777c-7fjr-54vf",
"url": "https://github.com/axios/axios/security/advisories/GHSA-777c-7fjr-54vf"
}
],
"release_date": "2026-06-11T15:37:38.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Denial of Service due to unenforced request and response size limits"
},
{
"cve": "CVE-2026-44492",
"cwe": {
"id": "CWE-289",
"name": "Authentication Bypass by Alternate Name"
},
"discovery_date": "2026-06-11T17:00:56.761751+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487938"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not properly normalize IPv4-mapped IPv6 addresses. When a NO_PROXY setting is configured to block direct access to specific IPv4 addresses, an attacker can bypass this restriction by using the IPv4-mapped IPv6 form of the address in a request URL. This allows the request to be routed through the proxy, potentially exposing internal services or sensitive information that should otherwise be inaccessible.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Proxy bypass via IPv4-mapped IPv6 address non-normalization",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in Axios, a JavaScript HTTP client library, that allows for a proxy bypass. When a `NO_PROXY` environment variable is configured to prevent direct connections to specific IPv4 addresses, an attacker can craft a request URL using the IPv4-mapped IPv6 address format. This bypasses the intended `NO_PROXY` exclusion, routing the request through the configured proxy and potentially exposing internal services or sensitive information, such as cloud instance metadata credentials.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44492"
},
{
"category": "external",
"summary": "RHBZ#2487938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487938"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44492",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44492"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44492",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44492"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-pjwm-pj3p-43mv",
"url": "https://github.com/axios/axios/security/advisories/GHSA-pjwm-pj3p-43mv"
}
],
"release_date": "2026-06-11T15:29:13.890000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Proxy bypass via IPv4-mapped IPv6 address non-normalization"
},
{
"cve": "CVE-2026-44494",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-06-11T17:01:12.945664+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487942"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios. This vulnerability, a Prototype Pollution \"Gadget\" attack, allows an attacker to escalate any existing Object.prototype pollution in an application\u0027s dependency tree into a full Man-in-the-Middle (MITM) attack. This enables the attacker to intercept, read, and modify all HTTP traffic, including sensitive authentication credentials. The flaw occurs because the `config.proxy` setting is susceptible to prototype pollution, allowing an attacker to inject a malicious proxy server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Man-in-the-Middle (MITM) attack via Prototype Pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in the Axios library allows an attacker to escalate existing prototype pollution vulnerabilities within an application\u0027s dependency tree into a full Man-in-the-Middle (MITM) attack. By injecting a malicious proxy configuration into the `Object.prototype`, an attacker can intercept, read, and modify all HTTP traffic, including sensitive authentication credentials, without direct user interaction. This poses a significant risk to data confidentiality and integrity in Red Hat products that utilize the Axios library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44494"
},
{
"category": "external",
"summary": "RHBZ#2487942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487942"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44494",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44494"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44494",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44494"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-35jp-ww65-95wh",
"url": "https://github.com/axios/axios/security/advisories/GHSA-35jp-ww65-95wh"
}
],
"release_date": "2026-06-11T15:32:03.155000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Man-in-the-Middle (MITM) attack via Prototype Pollution"
},
{
"cve": "CVE-2026-44495",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-06-11T17:00:53.999811+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487937"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability involves prototype pollution gadgets in the request configuration processing. If another vulnerability has already polluted the Object.prototype.transformResponse, affected Axios versions may incorrectly interpret this inherited value as part of the request configuration or as an option validator. Axios does not itself create the prototype pollution. Exploitability requires a separate prototype-pollution vulnerability or equivalent attacker control over Object.prototype before Axios creates a request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Information disclosure due to prototype pollution vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important vulnerability in Axios, a promise-based HTTP client, can lead to information disclosure, including credential theft and response hijacking, or denial of service. Exploitation requires a separate prototype pollution vulnerability in the same JavaScript process, allowing an attacker to control `Object.prototype.transformResponse`. Red Hat products using affected Axios versions are at risk if another component introduces such pollution.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44495"
},
{
"category": "external",
"summary": "RHBZ#2487937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487937"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44495",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44495"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44495",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44495"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-3g43-6gmg-66jw",
"url": "https://github.com/axios/axios/security/advisories/GHSA-3g43-6gmg-66jw"
}
],
"release_date": "2026-06-11T15:33:12.433000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Information disclosure due to prototype pollution vulnerability"
},
{
"cve": "CVE-2026-44496",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-06-11T17:01:15.856386+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487943"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios. A remote attacker, by influencing the XSRF cookie name in a browser environment, could cause the application to construct a regular expression that leads to excessive processing. This can result in a client-side Denial of Service (DoS), where the affected browser tab may freeze, impacting the availability of the application for the user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Client-side Denial of Service via unescaped regex metacharacters in XSRF cookie name",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in Axios can lead to a client-side Denial of Service. An attacker capable of influencing the XSRF cookie name within a browser environment could trigger excessive regular expression processing, causing the affected browser tab to freeze and degrade user availability. This issue specifically impacts browser-based applications and does not affect Node.js HTTP adapter usage, React Native, or web workers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44496"
},
{
"category": "external",
"summary": "RHBZ#2487943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487943"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44496",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44496"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44496",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44496"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-hfxv-24rg-xrqf",
"url": "https://github.com/axios/axios/security/advisories/GHSA-hfxv-24rg-xrqf"
}
],
"release_date": "2026-06-11T15:34:28.492000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Client-side Denial of Service via unescaped regex metacharacters in XSRF cookie name"
},
{
"cve": "CVE-2026-44774",
"cwe": {
"id": "CWE-15",
"name": "External Control of System or Configuration Setting"
},
"discovery_date": "2026-05-15T17:01:12.579630+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477937"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Traefik. A low-privileged tenant with HTTPRoute creation permissions in Traefik\u0027s Kubernetes Gateway API provider can bypass security settings. This allows the tenant to expose the REST provider handler and gain live dynamic configuration write access to Traefik. This vulnerability enables unauthorized reconfiguration of routers and services, potentially leading to privilege escalation within the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "traefik: Traefik: Privilege escalation via Kubernetes Gateway API provider configuration bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44774"
},
{
"category": "external",
"summary": "RHBZ#2477937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477937"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44774",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44774"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44774",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44774"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/releases/tag/v2.11.46",
"url": "https://github.com/traefik/traefik/releases/tag/v2.11.46"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/releases/tag/v3.6.17",
"url": "https://github.com/traefik/traefik/releases/tag/v3.6.17"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/releases/tag/v3.7.1",
"url": "https://github.com/traefik/traefik/releases/tag/v3.7.1"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/security/advisories/GHSA-96qj-4jj5-wcjc",
"url": "https://github.com/traefik/traefik/security/advisories/GHSA-96qj-4jj5-wcjc"
}
],
"release_date": "2026-05-15T16:30:43.265000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "workaround",
"details": "Upgrade Traefik to version 2.11.46 or later (2.x line), 3.6.17 or later (3.6.x line), or 3.7.1 or later (3.7.x line) by installing updated Red Hat OpenShift Dev Spaces releases that ship a fixed traefik-rhel9 container image.\n\nUntil updated images are available, limit which principals can create HTTPRoute resources in namespaces where Traefik runs with the Kubernetes Gateway API provider. Disable or tightly restrict the Traefik REST dynamic configuration provider in shared Gateway deployments, and block untrusted use of TraefikService backends that reference @internal handlers.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "traefik: Traefik: Privilege escalation via Kubernetes Gateway API provider configuration bypass"
},
{
"cve": "CVE-2026-44893",
"cwe": {
"id": "CWE-805",
"name": "Buffer Access with Incorrect Length Value"
},
"discovery_date": "2026-06-12T15:01:18.066312+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488383"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in netty-codec-haproxy, a component of the Netty network application framework. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy message with a malformed PP2_TYPE_SSL TLV (Type-Length-Value) header. This can lead to an IndexOutOfBoundsException and prevent the release of retained memory, ultimately causing a Denial of Service (DoS) condition for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as Important because a remote, unauthenticated attacker can trigger a denial of service in applications utilizing `netty-codec-haproxy`. By sending a specially crafted HAProxy message with a malformed SSL TLV header, an attacker can cause an `IndexOutOfBoundsException`, leading to unreleased memory and resource exhaustion. This can render the affected application unresponsive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44893"
},
{
"category": "external",
"summary": "RHBZ#2488383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488383"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44893",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44893"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44893",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44893"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-cc37-9q2j-3hfv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-cc37-9q2j-3hfv"
}
],
"release_date": "2026-06-12T14:00:25.801000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message"
},
{
"cve": "CVE-2026-45292",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-05-28T17:02:14.674828+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2482785"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenTelemetry Java, specifically within the baggage propagation implementation of opentelemetry-api and opentelemetry-extension-trace-propagators. A remote attacker can exploit this vulnerability by sending oversized baggage, which leads to unbounded memory allocation and high CPU consumption. This can result in a Denial of Service (DoS) for the affected service. Furthermore, because baggage is automatically re-injected into outgoing requests, the impact can spread to other downstream services.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "opentelemetry-java: opentelemetry-api: opentelemetry-extension-trace-propagators: OpenTelemetry Java: Denial of Service due to unbounded memory allocation when parsing oversized baggage",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in OpenTelemetry Java\u0027s baggage propagation, affecting Red Hat products that use OpenTelemetry for telemetry. A remote attacker can exploit this by sending excessively large baggage, leading to uncontrolled memory and CPU usage. The vulnerability\u0027s impact can extend to downstream services due to automatic re-injection of baggage into outgoing requests.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-45292"
},
{
"category": "external",
"summary": "RHBZ#2482785",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482785"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-45292",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45292"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45292",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45292"
},
{
"category": "external",
"summary": "https://github.com/open-telemetry/opentelemetry-java/commit/03837d3c1763bc35464aea1078671e2ef2336a5f",
"url": "https://github.com/open-telemetry/opentelemetry-java/commit/03837d3c1763bc35464aea1078671e2ef2336a5f"
},
{
"category": "external",
"summary": "https://github.com/open-telemetry/opentelemetry-java/pull/8380",
"url": "https://github.com/open-telemetry/opentelemetry-java/pull/8380"
},
{
"category": "external",
"summary": "https://github.com/open-telemetry/opentelemetry-java/releases/tag/v1.62.0",
"url": "https://github.com/open-telemetry/opentelemetry-java/releases/tag/v1.62.0"
},
{
"category": "external",
"summary": "https://github.com/open-telemetry/opentelemetry-java/security/advisories/GHSA-rcgg-9c38-7xpx",
"url": "https://github.com/open-telemetry/opentelemetry-java/security/advisories/GHSA-rcgg-9c38-7xpx"
}
],
"release_date": "2026-05-28T16:37:29.490000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "opentelemetry-java: opentelemetry-api: opentelemetry-extension-trace-propagators: OpenTelemetry Java: Denial of Service due to unbounded memory allocation when parsing oversized baggage"
},
{
"cve": "CVE-2026-45736",
"cwe": {
"id": "CWE-824",
"name": "Access of Uninitialized Pointer"
},
"discovery_date": "2026-05-15T16:00:55.786944+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477914"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ws, an open source WebSocket client and server for Node.js. The `websocket.close()` implementation is vulnerable to uninitialized memory disclosure when a `TypedArray` is passed as the reason argument. This can lead to the disclosure of sensitive information from uninitialized memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ws: ws: Uninitialized memory disclosure via `websocket.close()` with `TypedArray`",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important vulnerability in the `ws` WebSocket library for Node.js could lead to sensitive information disclosure. The flaw occurs when a `TypedArray` is specifically provided as the `reason` argument to the `websocket.close()` function, potentially exposing uninitialized memory. Red Hat products utilizing this library may be affected if their implementations allow for such a crafted `close()` call.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-45736"
},
{
"category": "external",
"summary": "RHBZ#2477914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477914"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-45736",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45736"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45736",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45736"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086",
"url": "https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/security/advisories/GHSA-58qx-3vcg-4xpx",
"url": "https://github.com/websockets/ws/security/advisories/GHSA-58qx-3vcg-4xpx"
}
],
"release_date": "2026-05-15T14:53:57.263000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ws: ws: Uninitialized memory disclosure via `websocket.close()` with `TypedArray`"
},
{
"cve": "CVE-2026-46595",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2026-05-22T04:01:52.215134+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480689"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. Source-address validation can be skipped when an SSH server configuration uses an authentication callback type other than public key, allowing authorization bypass in misconfigured servers. This is a follow-on to incomplete coverage from the CVE-2024-45337 fix.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "golang.org/x/crypto/ssh is vulnerable to authorization bypass when SSH server configurations rely on source-address validation alongside non-public-key authentication callbacks. An attacker with low privileges who can authenticate through such a callback path may bypass intended source-address restrictions and gain unauthorized SSH access. Red Hat impact sits in services built with affected x/crypto/ssh, including RHEL golang streams, hummingbird Go toolchains, RHACM/MCE agents, and OpenShift or Ceph components that embed Go SSH servers with mixed callback types.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46595"
},
{
"category": "external",
"summary": "RHBZ#2480689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46595",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46595"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46595",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46595"
},
{
"category": "external",
"summary": "https://go.dev/cl/781642",
"url": "https://go.dev/cl/781642"
},
{
"category": "external",
"summary": "https://go.dev/issue/79570",
"url": "https://go.dev/issue/79570"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5023",
"url": "https://pkg.go.dev/vuln/GO-2026-5023"
}
],
"release_date": "2026-05-22T02:31:27.894000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "workaround",
"details": "Upgrade to a fixed golang.org/x/crypto/ssh release via updated golang or package rebuilds. Ensure SSH servers use supported public-key callback configurations with source-address validation as intended.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation"
},
{
"cve": "CVE-2026-48043",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2026-06-12T16:02:56.371830+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488442"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in netty-codec-http2. A remote attacker could send specially crafted frames that cause a resource leak within the `DelegatingDecompressorFrameListener` class. This resource leak could lead to an Out Of Memory Error (OOME), potentially causing a Denial of Service (DoS) by taking down the entire Java Virtual Machine (JVM).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in netty-codec-http2, affecting Red Hat products that utilize HTTP/2 communication with decompression. A remote attacker can exploit a resource leak in the `DelegatingDecompressorFrameListener` by sending malformed HTTP/2 frames, potentially leading to an Out Of Memory Error and causing the Java Virtual Machine to terminate. This could disrupt service availability in affected deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-48043"
},
{
"category": "external",
"summary": "RHBZ#2488442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488442"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-48043",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48043"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-48043",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48043"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-c2gf-v879-257j",
"url": "https://github.com/netty/netty/security/advisories/GHSA-c2gf-v879-257j"
}
],
"release_date": "2026-06-12T14:39:52.498000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak"
},
{
"cve": "CVE-2026-48059",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-06-12T16:02:40.032749+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488437"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Netty HAProxy PROXY protocol v2 codec. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy PROXY protocol v2 header with nested `PP2_TYPE_SSL` type-length-value (TLV) records. This can lead to a memory leak, causing the underlying cumulation buffer to remain permanently pinned and potentially resulting in a Denial of Service (DoS) due to resource exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in the Netty HAProxy PROXY protocol v2 codec, which can lead to a denial of service. A remote attacker can trigger a memory leak by sending a specially crafted HAProxy PROXY protocol v2 header with deeply nested SSL TLV records, causing resource exhaustion in affected Red Hat products that utilize this codec.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-48059"
},
{
"category": "external",
"summary": "RHBZ#2488437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488437"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-48059",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48059"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-48059",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48059"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-h2qv-fj59-j46j",
"url": "https://github.com/netty/netty/security/advisories/GHSA-h2qv-fj59-j46j"
}
],
"release_date": "2026-06-12T14:42:44.677000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers"
},
{
"cve": "CVE-2026-48779",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-06-16T22:01:24.571224+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2489661"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ws, an open source WebSocket client and server. A remote attacker can exploit this memory exhaustion vulnerability by sending a high volume of exceptionally small fragments and data chunks. This action forces the affected component to allocate and hold structural wrappers that consume excessive memory. Consequently, this leads to process termination and a denial of service (DoS) for the remote peer.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ws: ws: Denial of Service via memory exhaustion from small WebSocket fragments",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the `ws` WebSocket library. A remote attacker can exploit this flaw by sending a high volume of small, fragmented data, leading to excessive memory consumption and subsequent process termination. This can result in service disruption for Red Hat products that utilize `ws` for WebSocket communication.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-48779"
},
{
"category": "external",
"summary": "RHBZ#2489661",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2489661"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-48779",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48779"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-48779",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48779"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/commit/86d3e8a5fb0246ed373860c5fbb0de88824a27f7",
"url": "https://github.com/websockets/ws/commit/86d3e8a5fb0246ed373860c5fbb0de88824a27f7"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/commit/b5372ac67bb97a773727b8e9f5035a8123556d53",
"url": "https://github.com/websockets/ws/commit/b5372ac67bb97a773727b8e9f5035a8123556d53"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/commit/bca91adf15677e47dbe4f959653452727be28b94",
"url": "https://github.com/websockets/ws/commit/bca91adf15677e47dbe4f959653452727be28b94"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/commit/fd36cd864fcdf62a08273a99e19a7d975401fee8",
"url": "https://github.com/websockets/ws/commit/fd36cd864fcdf62a08273a99e19a7d975401fee8"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/security/advisories/GHSA-96hv-2xvq-fx4p",
"url": "https://github.com/websockets/ws/security/advisories/GHSA-96hv-2xvq-fx4p"
}
],
"release_date": "2026-06-16T21:26:22.537000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ws: ws: Denial of Service via memory exhaustion from small WebSocket fragments"
},
{
"cve": "CVE-2026-50559",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-06-09T10:55:32.426000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2486959"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Quarkus. A remote attacker could bypass HTTP path-based authorization policies by using specially crafted encoded semicolons, slashes, or backslashes in HTTP requests. This could allow unauthorized access to protected static resources, leading to information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.quarkus/quarkus-vertx-http: Quarkus: Authorization bypass in HTTP path-based policies via encoded characters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in Quarkus where HTTP path-based authorization policies can be bypassed by a remote attacker. Specially crafted HTTP requests containing encoded semicolons, slashes, or backslashes can circumvent security controls, allowing unauthorized access to protected static resources and leading to information disclosure. This is critical in deployments where Quarkus applications serve sensitive static content and rely solely on path-based authorization.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-50559"
},
{
"category": "external",
"summary": "RHBZ#2486959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-50559",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-50559"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-50559",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50559"
},
{
"category": "external",
"summary": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-qcxp-gm7m-4j5v",
"url": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-qcxp-gm7m-4j5v"
}
],
"release_date": "2026-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T17:12:17+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36820"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:1384e5ba2b7d23119a49d8713826f4c65668bca310589ac7abd0c0d41c7e4c90_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:7f58528b1da9146aa55917324fdf2b375794742b34e5d10ff57f713af60746cd_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:844c3b1499b00aeadfc561642e53792ad80f535efd53b35793ba08b0f26c6d61_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-rhel9@sha256:e1019c30e1d84e66d775d0d6fc7d051803dcbe44823fb2a1914807be39c79dae_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:8c9a7ebf430b9f4ca200c6c70b049e8456cf88fd8bf0871b42d65e8dc786d451_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:926d965e6fd12ec0d758270fb4c90bbdc1a05e60cc4c895cf9b671a296c9d867_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e8e807451e3c5d8d0a8575e1280d7125a4ece51547a7b4a5cd247837662cedad_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f2a24aa01cbe0d926d4aefe3b12eba21eb5ec7f87276e572a6814c727228624c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:45cc0d783d1e7874ac73dfbdfe7e03c63b227ab3c4f1e15a0a2f5c97956a76d9_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:6f3eb26734e89375c3e1fb7ac366e12dc0d41bac8f07de9210c7e9845a01eec1_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:768c45fa9f35d98dfe5cfe1ea12f552402bf68ac6e1f828b14310ef59ce57c40_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/configbump-rhel9@sha256:b5f1bf30495f6be97c696cf7f90768629cee96f8d106f745bf95fdefddc99592_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:137ffbb95d463d95da6c350600d968f3cd0e9873bf2e7c6edf952ae3229e9e2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:1cccdfd7e90877c27c6d8caea4f1e8ad89bb97c83d97ddf570d4f4ee116f1986_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:71657b82894cfd9e350746f48965e148868a675b9a20dcb7f94a6bc7a5b16ea5_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/dashboard-rhel9@sha256:881e405e32821ef10cf992c7a633281c1dc45df721fe909048df1689472000ce_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:6c85b42ede0f4745ed558bcb03d033c49f56cef17a70c12e5308066124cac6e3_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:091529a93e258a612fd4a98222e6a370ee10b4e97efa791b50f79a2670163d01_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:0e8958a22f6771ddfe32b34027c69dbbef65d980c7e465a79d4202d2627994ad_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:5a8b0203ff083113e8b30a123ab30c4bad571f57fb59c1e7e01807b92552504e_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:89bf6a32a0935cacadbc6d23566dce6ca741e404d58c11050638c7b8e868028b_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:077cc953354ea2edd85569a622f97c15d44163d68234e7a9fdee899d25c19cdb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:66285f866090e1bfbedacd592e9d5ea9f2a30b88aa03bc86bc790d6b98a929a4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8c80054171d5063457df4bd074674b1824783a101dacb6137da227080aff957c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:b0f15904251c6665961eef9c944d00f17499f7219351fe213fe7935f62fbf7ac_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:62476ac2fb0096caa9b181f523cc3573ccffe70be1433f08d1d0255b6d3a0640_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6f632bc9829880a44e2e94084284b52683b4a01dc3315043b0aa32eb344b16cb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:aa3d1cf7853bfe8307efb01f714585f378d1d3d4ed5de7c8808a72e4aeecd4f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:bf1d4b2b1ef03e65be59699ce3233a75a34e1777abc182984c7a8efa698a936e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:141f17d12c748c7ab9e94cfd9db7e2492d3063e7478249d6430ac0d8fcfb8875_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5909184fe3d37eb45ba3bf55d7b708d818f2a5abfc2949c4a7081a5cd30cea4f_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:6217f0bb4937fa0e0fc0a5c86456fdc1992e169dfedc3d11d5165cef575d4d53_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:d55a55a36a23e7deb83718bd5dcc19b083b84d441add72ea7f4e28935e4717e3_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:0f8e1171f278395f3c72e4d9d3c0492bed15b678963fb2b6182bd65343b85a2e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:823bb59b1c7d01557c29f9f1e4a4ee39814c38d826b06c3c9de4b8d179078419_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:93c7e9b321c7e9aa4a412a993a6b20412e24772832cc0dd23bbb17aa25f15487_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/oauth2-proxy-rhel9@sha256:9e50b45f81fedab27e896f04b80bacaa01d8370ff5679147f95ad79b61972d83_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:8f145d4e336bd77fcc94f0845f9ebf94563ffd96d56794d96a665c11241df152_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:981917806c7faf31156241cc85577cf375ee566f78adaeadc096d0ba8482b835_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:af3ed91687500d64e2348cca4877c43f73211b8fbd132e7767c3521763185348_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c05020e5ee5bddc62e38493cd16b6e4ffde7c2248a00d710f32b90a6ee12ceeb_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2af86b409540513f6da1afa83110a5cafe8778d2ec16332faa31c964bd5f43f7_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:2f3bec76a833a72c7dfa93ed55e55e80e2621c154e5a2f156deaf78d7c6b97b4_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:81a2385be30079500f13f97a18607aa685abd61265bf8fa78bc6ce126341be50_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fdc8f64f3b82b200a5e31b01b8612069f1aa897014085c1de755394552a1a70a_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:856b9088dbda4e7374daf232602f4bb90b05ad1be1df46d6e363a002f549f4de_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:a107ae2f7b140f2fb2243f33c378228c2f164cfd2d23f57e63f6c424fd400929_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:e21de356b7d879800a96f6c5aeee6bc59a3ed9c58d36503f7089625ce887bb25_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/server-rhel9@sha256:fcaf6d60d682cf51866948ea3b4846c2993e2801adb69dc745ffa832318f515c_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:11f005939e15d63057bf2f0a988b6baebc275d3e752e9f7696d0f7f5266fd5d6_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:4b4c98be96a932d508fad769eff61bff2a44e13baa60b22b6c543f4a11eb71c2_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:6c87453ffe89e8be752ee40c8a9ccf6894c83be703f13901b1e8b64a4c0e549a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/traefik-rhel9@sha256:c18a1c50a4fc7081c6564d1c4ed4904212b7939a4f1f46afef0a36dc1d76f38e_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:33367b9fdb3addce3302ad35bc10423505fefe3dd27b8b9013b26d66caac2a6c_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:72cbdb061cbcd295be5e66a0eabb409af16ade7f0aa12b04c2d7327e9e1a24ba_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:d0379f9da8cbb5514394a4550ff0d79f90fa691fcced5806296479c7b63353da_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e99d1d877bd7335736cbaeb4db5b9904369a1d07f6df332c38ad79ff1256b67b_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:06285611aef2528fc92c5cebb66ff4c74fe44d457f43cf9ec2f4a98c3c68d25e_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:25e0f4153eb5bc6fbc6b389d5adc81bfde103070ef58317c3c25ce4144a628d3_arm64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:acd3c0369c18cbfa63a5972ed1721f93f1fcb456963ff855dea2c295baf1cdb8_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-base-rhel9@sha256:d086075db52f4476aa64d7e2680baa01e99da246275fa9cae0ba4a74de63c7f3_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:07d89c1b524d1451051feb865bc716da2197add90fa0c58c4cf4a82975ec846c_s390x",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:6582e647d7dd604e25977ec1579969aa1fcb29ead1a0ea65833531d633bbdd2b_amd64",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:75e3aec03dffbd0f40f88a08ff5e0319f4515d73f0bcfae28b5fa526b494afc4_ppc64le",
"Red Hat OpenShift Dev Spaces 3.29:registry.redhat.io/devspaces/udi-rhel9@sha256:f0079e8ae53d84223aea2d3186e7bc6b525b7c03d307cde50cfb9f1bbc18712b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "io.quarkus/quarkus-vertx-http: Quarkus: Authorization bypass in HTTP path-based policies via encoded characters"
}
]
}
RHSA-2026:37390
Vulnerability from csaf_redhat - Published: 2026-07-09 15:29 - Updated: 2026-07-10 18:49A flaw was found in AssertJ. An XML External Entity (XXE) vulnerability exists in the `XmlStringPrettyFormatter` component, which is used by the `isXmlEqualTo(CharSequence)` assertion. If an application processes untrusted XML input using these methods, a remote attacker could exploit this flaw to read arbitrary local files, perform Server-Side Request Forgery (SSRF) by making the server request arbitrary URLs, or cause a Denial of Service (DoS) through entity expansion attacks.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
|
A flaw was found in Apache Log4j Core. This vulnerability allows for log injection through the use of Carriage Return Line Feed (CRLF) sequences. This occurs because security-related configuration attributes were silently renamed, impacting users who directly configure Rfc5424Layout with stream-based syslog services. An attacker could exploit this to inject malicious data into log files, potentially obscuring critical security events or manipulating system records.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Apache Log4j Core. The XmlLayout component, responsible for formatting log messages into XML, does not properly remove or replace characters that are not allowed in XML 1.0. When log messages or diagnostic information contain these forbidden characters, the resulting XML output becomes invalid. This can lead to two main issues: either systems processing these logs will fail to read the affected records, or the logging process itself will stop delivering events, both resulting in a denial of service for logging operations.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Apache Log4j's JsonTemplateLayout. This vulnerability allows a remote attacker to disrupt log processing systems. By sending log events that include specific non-numeric floating-point values, the attacker can cause the JsonTemplateLayout to generate invalid JSON output. This invalid output can then lead to downstream systems rejecting or failing to index these logs, effectively causing a denial of service for log analysis.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Micrometer. A remote attacker can provide specially crafted HTTP requests, which may lead to a denial-of-service (DoS) condition. This vulnerability allows an attacker to disrupt the availability of the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
|
A flaw was found in Netty. The HttpProxyHandler component, which handles HTTP CONNECT requests, does not properly validate user-provided outbound headers. This allows an attacker to inject arbitrary HTTP headers into the CONNECT request sent to the proxy server. This could lead to unexpected behavior or potential bypass of security controls on the proxy server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
|
A flaw was found in Netty. Netty's DNS (Domain Name System) codec does not properly enforce domain name constraints as defined in RFC 1035 during both encoding and decoding processes. This vulnerability allows a remote attacker to exploit the decoder using malicious DNS responses or exploit the encoder through user-influenced hostnames, leading to a high integrity impact on the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Netty's HttpObjectDecoder. A remote attacker can exploit this by sending a specially crafted HTTP/1.0 request that includes both `Transfer-Encoding: chunked` and `Content-Length` headers. While Netty correctly strips the conflicting `Content-Length` header for HTTP/1.1 messages, this guard is absent for HTTP/1.0. This can lead to HTTP request smuggling, where downstream proxies or handlers may misinterpret message boundaries, potentially allowing an attacker to bypass security controls or access unauthorized information.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Netty, an asynchronous, event-driven network application framework. A remote attacker could exploit this vulnerability by sending a specific sequence of HTTP responses (103, followed by a 200 with a GET body, then another 200 for a HEAD request) when the client pipelines GET then HEAD requests. This can cause the HttpClientCodec to incorrectly pair responses, leading to subsequent HTTP responses being parsed from the wrong offset. This issue may result in information disclosure or other data integrity problems due to misinterpretation of network traffic.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
|
A flaw was found in Netty, an asynchronous, event-driven network application framework. The Netty Redis codec encoder (RedisEncoder) does not properly validate or sanitize user-controlled string content for CRLF (Carriage Return Line Feed) characters. A remote attacker, by controlling the content of a Redis message, can inject arbitrary Redis commands or forge fake responses. This can lead to a high impact on data integrity.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
|
A flaw was found in Netty. A remote attacker can bypass the configured decompression limit in the HttpContentDecompressor by sending a specially crafted compressed payload using Brotli (br), Zstandard (zstd), or Snappy content encodings. This can lead to unbounded memory allocation, resulting in an out-of-memory Denial of Service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Netty, an asynchronous event-driven network application framework. A remote attacker can exploit this vulnerability by sending a crafted MQTT 5 header with an oversized Properties section. This causes Netty to repeatedly parse and buffer the large Properties section in memory before any message size limits are applied, leading to high CPU and memory consumption. This can result in a Denial of Service (DoS) condition, making the affected system unavailable.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
|
A flaw was found in netty-handler, a component of the Netty network application framework. A remote attacker can exploit an incorrect masking operation in the IpSubnetFilterRule.compareTo() function to bypass configured IPv6 subnet rules. This allows valid public IP addresses to circumvent intended network restrictions, potentially leading to unauthorized access or exposure of services.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in netty-codec-redis. A remote attacker can exploit this vulnerability by sending a specially crafted Redis payload containing deeply nested arrays. This action forces the server to allocate a large number of state objects and collections, leading to memory exhaustion. Consequently, this can result in a Denial of Service (DoS) condition, rendering the affected server unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Apache CXF. Untrusted users, if allowed to configure Java Message Service (JMS) for Apache CXF, can exploit this vulnerability to achieve remote code execution (RCE). This issue arises from an incomplete fix for a prior security flaw, indicating an alternative path that could lead to code execution.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in netty-codec-redis. A remote attacker can exploit this vulnerability by sending specially crafted Redis payloads across multiple connections without proper termination. This can exhaust the server's direct memory pool, leading to a Denial of Service (DoS) condition where legitimate connections cannot be processed.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in netty-codec-haproxy, a component of the Netty network application framework. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy message with a malformed PP2_TYPE_SSL TLV (Type-Length-Value) header. This can lead to an IndexOutOfBoundsException and prevent the release of retained memory, ultimately causing a Denial of Service (DoS) condition for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Apache CXF. A remote attacker could exploit an LDAP injection vulnerability in the LDAP Certificate repository of the XKMS server. This vulnerability allows the attacker to retrieve arbitrary certificates from the repository, leading to information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a crafted TLS (Transport Layer Security) ClientHello message. This can lead to an eager allocation of a large memory buffer, causing a Denial of Service (DoS) due to excessive memory consumption. The issue occurs in the `SslClientHelloHandler.decode()` method when processing the TLS handshake length.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Netty's DnsResolveContext. This vulnerability allows a remote attacker to achieve information disclosure or data manipulation by crafting malicious DNS responses. The flaw occurs because the DnsResolveContext fails to validate the origin (bailiwick) of CNAME records in DNS responses, which could enable an attacker to redirect network traffic or intercept sensitive data from affected applications.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in netty-transport-sctp. A remote attacker can exploit this vulnerability by sending specially crafted, non-complete Stream Control Transmission Protocol (SCTP) message fragments. This can lead to unbounded memory growth within the application, causing a Denial of Service (DoS) condition. The affected component fails to limit the size or number of these fragments, allowing an attacker to consume excessive system resources.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Netty's `DnsResolveContext`. An attacker controlling an authoritative name server for a subdomain can exploit this vulnerability by providing crafted NS records that are insufficiently validated. This allows the attacker to poison the DNS cache for parent domains, bypassing standard bailiwick rules. Consequently, future DNS resolutions for the affected parent domain will use the poisoned cache, potentially redirecting users to malicious servers and leading to information disclosure or integrity compromise.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in netty-codec-redis. A remote attacker can exploit this vulnerability by repeatedly closing Redis pipeline connections before a Redis array aggregate completes. This leads to a permanent leak of direct-memory buffers, which prevents memory chunks from being returned to the shared memory pool. Over time, this can exhaust the available memory, causing a Denial of Service (DoS) for all Netty channels in the process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in netty-codec-http2. A remote attacker could send specially crafted frames that cause a resource leak within the `DelegatingDecompressorFrameListener` class. This resource leak could lead to an Out Of Memory Error (OOME), potentially causing a Denial of Service (DoS) by taking down the entire Java Virtual Machine (JVM).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in the Netty HAProxy PROXY protocol v2 codec. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy PROXY protocol v2 header with nested `PP2_TYPE_SSL` type-length-value (TLV) records. This can lead to a memory leak, causing the underlying cumulation buffer to remain permanently pinned and potentially resulting in a Denial of Service (DoS) due to resource exhaustion.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Apache CXF. The EndpointReferenceUtils and W3CMultiSchemaFactory classes within Apache CXF construct a SAXParserFactory without proper security configurations. This oversight enables out-of-band (OOB) external entity resolution, a type of XML External Entity (XXE) vulnerability. A remote attacker could exploit this to disclose sensitive information from the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Netty, a network application framework. This vulnerability allows a remote attacker to bypass hostname verification due to improper handling of user-supplied trust managers. When a client is configured with a plain X.509 Trust Manager (X509TrustManager), it fails to perform necessary hostname checks, enabling an attacker to impersonate a legitimate server. This could lead to sensitive information disclosure or man-in-the-middle attacks.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Netty, a network application framework. The RedisArrayAggregator component pre-allocates memory based on the declared element count in a Redis array header. A remote attacker can exploit this by sending a small, malicious Redis array header that claims a huge initial capacity, leading to excessive memory pre-allocation. This can result in a denial of service (DoS) due to resource exhaustion.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Apache CXF. The `JwtAccessTokenValidator` class fails to properly validate the 'aud' (Audience) claims within incoming JSON Web Token (JWT) access tokens. This vulnerability allows an attacker to reuse a JWT, originally intended for one resource server, against a different resource server. This can lead to token confusion and routing attacks, potentially granting unauthorized access or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in the OAuthRequestFilter component of cxf. A logic error in this filter inadvertently creates an inverse security check when enabled. This issue causes legitimate requests from a bound IP address to be rejected, while requests from any other IP address are blindly allowed. This could lead to unauthorized access to resources.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Apache CXF. This vulnerability, stemming from an incomplete fix for a previous issue, allows untrusted users who can configure Java Message Service (JMS) for Apache CXF to achieve arbitrary code execution. This could lead to a complete compromise of the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Apache CXF's JCA integration module. This Java Naming and Directory Interface (JNDI) Injection vulnerability allows for arbitrary code execution. A remote attacker could exploit this by manipulating the Java EE Connector Architecture (JCA) deployment descriptor (ra.xml) or runtime activation parameters, leading to the execution of malicious code on the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_spring_boot:4.18
|
— |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot patch release and security update is now available.\n\nRed Hat Product Security has rated this update as having a security impact of\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot patch release and security update is now available.\n\nThe purpose of this text-only errata is to inform you about the security issues fixed.\n\nSecurity Fix(es):\n\n* cxf-services-xkms-x509-repo-ldap: Apache CXF: Information Disclosure via LDAP Injection (CVE-2026-44930)\n\n* cxf-rt-transports-jms: Apache CXF: Arbitrary code execution via untrusted JMS configuration (CVE-2026-50632)\n\n* cxf-rt-rs-security-oauth2-saml: Apache CXF: Token Confusion/Routing attacks due to improper validation of JWT audience claims (CVE-2026-50627)\n\n* cxf-rt-rs-security-oauth2: Apache CXF: Token Confusion/Routing attacks due to improper validation of JWT audience claims (CVE-2026-50627)\n\n* cxf-rt-rs-security-oauth2-saml: cxf: Unauthorized access due to logic error in OAuthRequestFilter (CVE-2026-50628)\n\n* cxf-rt-rs-security-oauth2: cxf: Unauthorized access due to logic error in OAuthRequestFilter (CVE-2026-50628)\n\n* cxf-integration-jca: Apache CXF: Arbitrary code execution via JNDI Injection (CVE-2026-50633) \n\n* cxf-core: Apache CXF: Information disclosure via out-of-band external entity resolution due to missing JAXP hardening (CVE-2026-49875)\n\n* netty-codec-redis: Netty: Denial of Service via malicious Redis array header (CVE-2026-50011)\n\n* netty-codec-redis: netty-codec-redis: Denial of Service via crafted Redis payload with deeply nested arrays (CVE-2026-44250)\n\n* netty-codec-redis: netty-codec-redis: Denial of Service via crafted Redis payloads (CVE-2026-44890)\n\n* netty-transport-sctp: Netty-transport-sctp: Denial of Service due to unbounded memory growth from SctpMessage fragments (CVE-2026-46340)\n\n* netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass (CVE-2026-50010)\n\n* netty-codec-redis: Netty\u0027s Lack of Lifecycle Cleanup Leads to Pooled ByteBuf Leak in RedisArrayAggregator (CVE-2026-48006)\n\n* netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records (CVE-2026-47691)\n\n* netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers (CVE-2026-48059)\n\n* netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak (CVE-2026-48043)\n\n* netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message (CVE-2026-44893)\n\n* netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation (CVE-2026-44249)\n\n* assertj-core: AssertJ: Information disclosure and denial of service via XML External Entity (XXE) (CVE-2026-24400)\n\n* cxf-rt-transports-jms: Apache CXF: Remote Code Execution via untrusted JMS configuration (CVE-2026-44417)\n\n* netty-codec-mqtt: Netty: Denial of Service due to excessive resource consumption from crafted MQTT 5 header (CVE-2026-44248)\n\n* netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression (CVE-2026-42587)\n\n* netty-codec-http: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression (CVE-2026-42587)\n\n* netty-handler-proxy: Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation (CVE-2026-42578)\n\n* netty-codec-redis: Netty: Command injection via CRLF characters in Redis codec encoder (CVE-2026-42586)\n\n* netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers (CVE-2026-42581)\n\n* netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion (CVE-2026-42584)\n\n* netty-codec-dns: Netty: High integrity impact due to improper DNS domain name constraint enforcement (CVE-2026-42579)\n\n* log4j-core: Apache Log4j Core: Log injection via CRLF sequences due to configuration attribute renames (CVE-2026-34478)\n\n* log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging (CVE-2026-34480)\n\n* log4j-layout-template-json: Apache Log4j JsonTemplateLayout: Denial of Service via invalid JSON output (CVE-2026-34481)\n\n* micrometer-core: Micrometer: Denial of Service via specially crafted HTTP requests (CVE-2026-40984)\n\n* netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake (CVE-2026-45416)\n\n* netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation (CVE-2026-45674)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:37390",
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2433116",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433116"
},
{
"category": "external",
"summary": "2457321",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457321"
},
{
"category": "external",
"summary": "2457323",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457323"
},
{
"category": "external",
"summary": "2457328",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457328"
},
{
"category": "external",
"summary": "2477213",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477213"
},
{
"category": "external",
"summary": "2477217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477217"
},
{
"category": "external",
"summary": "2477220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477220"
},
{
"category": "external",
"summary": "2477224",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477224"
},
{
"category": "external",
"summary": "2477226",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477226"
},
{
"category": "external",
"summary": "2477231",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477231"
},
{
"category": "external",
"summary": "2477232",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477232"
},
{
"category": "external",
"summary": "2480728",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480728"
},
{
"category": "external",
"summary": "2480729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480729"
},
{
"category": "external",
"summary": "2486716",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486716"
},
{
"category": "external",
"summary": "2488053",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488053"
},
{
"category": "external",
"summary": "2488062",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488062"
},
{
"category": "external",
"summary": "2488081",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488081"
},
{
"category": "external",
"summary": "2488298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488298"
},
{
"category": "external",
"summary": "2488302",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488302"
},
{
"category": "external",
"summary": "2488304",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488304"
},
{
"category": "external",
"summary": "2488307",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488307"
},
{
"category": "external",
"summary": "2488309",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488309"
},
{
"category": "external",
"summary": "2488383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488383"
},
{
"category": "external",
"summary": "2488388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488388"
},
{
"category": "external",
"summary": "2488391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488391"
},
{
"category": "external",
"summary": "2488400",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488400"
},
{
"category": "external",
"summary": "2488413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488413"
},
{
"category": "external",
"summary": "2488429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488429"
},
{
"category": "external",
"summary": "2488433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488433"
},
{
"category": "external",
"summary": "2488437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488437"
},
{
"category": "external",
"summary": "2488439",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488439"
},
{
"category": "external",
"summary": "2488442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488442"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_37390.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Build of Apache Camel 4.18.1.P1 for Spring Boot release.",
"tracking": {
"current_release_date": "2026-07-10T18:49:53+00:00",
"generator": {
"date": "2026-07-10T18:49:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:37390",
"initial_release_date": "2026-07-09T15:29:15+00:00",
"revision_history": [
{
"date": "2026-07-09T15:29:15+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-09T15:29:15+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-10T18:49:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16",
"product": {
"name": "Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16",
"product_id": "Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:apache_camel_spring_boot:4.18"
}
}
}
],
"category": "product_family",
"name": "Red Hat Build of Apache Camel"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-24400",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2026-01-26T23:01:28.099083+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2433116"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in AssertJ. An XML External Entity (XXE) vulnerability exists in the `XmlStringPrettyFormatter` component, which is used by the `isXmlEqualTo(CharSequence)` assertion. If an application processes untrusted XML input using these methods, a remote attacker could exploit this flaw to read arbitrary local files, perform Server-Side Request Forgery (SSRF) by making the server request arbitrary URLs, or cause a Denial of Service (DoS) through entity expansion attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "assertj: AssertJ: Information disclosure and denial of service via XML External Entity (XXE)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this vulnerability requires that a user processes untrusted content with the affected package.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24400"
},
{
"category": "external",
"summary": "RHBZ#2433116",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433116"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24400",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24400"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24400",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24400"
},
{
"category": "external",
"summary": "https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html",
"url": "https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html"
},
{
"category": "external",
"summary": "https://github.com/assertj/assertj/commit/85ca7eb6609bb179c043b85ae7d290523b1ba79a",
"url": "https://github.com/assertj/assertj/commit/85ca7eb6609bb179c043b85ae7d290523b1ba79a"
},
{
"category": "external",
"summary": "https://github.com/assertj/assertj/releases/tag/assertj-build-3.27.7",
"url": "https://github.com/assertj/assertj/releases/tag/assertj-build-3.27.7"
},
{
"category": "external",
"summary": "https://github.com/assertj/assertj/security/advisories/GHSA-rqfh-9r24-8c9r",
"url": "https://github.com/assertj/assertj/security/advisories/GHSA-rqfh-9r24-8c9r"
}
],
"release_date": "2026-01-26T22:19:02.161000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "assertj: AssertJ: Information disclosure and denial of service via XML External Entity (XXE)"
},
{
"cve": "CVE-2026-34478",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2026-04-10T16:01:52.683616+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2457323"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Log4j Core. This vulnerability allows for log injection through the use of Carriage Return Line Feed (CRLF) sequences. This occurs because security-related configuration attributes were silently renamed, impacting users who directly configure Rfc5424Layout with stream-based syslog services. An attacker could exploit this to inject malicious data into log files, potentially obscuring critical security events or manipulating system records.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.apache.logging.log4j/log4j-core: Apache Log4j Core: Log injection via CRLF sequences due to configuration attribute renames",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability allows log injection via CRLF sequences due to silently renamed security attributes in Rfc5424Layout. This affects Red Hat products that directly configure Rfc5424Layout with stream-based syslog services, potentially enabling an attacker to obscure or manipulate log records. This impact is limited to specific configurations, as users of the SyslogAppender are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34478"
},
{
"category": "external",
"summary": "RHBZ#2457323",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457323"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34478",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34478"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34478",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34478"
},
{
"category": "external",
"summary": "https://github.com/apache/logging-log4j2/pull/4074",
"url": "https://github.com/apache/logging-log4j2/pull/4074"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/3k1clr2l6vkdnl4cbhjrnt1nyjvb5gwt",
"url": "https://lists.apache.org/thread/3k1clr2l6vkdnl4cbhjrnt1nyjvb5gwt"
},
{
"category": "external",
"summary": "https://logging.apache.org/cyclonedx/vdr.xml",
"url": "https://logging.apache.org/cyclonedx/vdr.xml"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/manual/layouts.html#RFC5424Layout",
"url": "https://logging.apache.org/log4j/2.x/manual/layouts.html#RFC5424Layout"
},
{
"category": "external",
"summary": "https://logging.apache.org/security.html#CVE-2026-34478",
"url": "https://logging.apache.org/security.html#CVE-2026-34478"
}
],
"release_date": "2026-04-10T15:40:17.713000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.apache.logging.log4j/log4j-core: Apache Log4j Core: Log injection via CRLF sequences due to configuration attribute renames"
},
{
"cve": "CVE-2026-34480",
"cwe": {
"id": "CWE-168",
"name": "Improper Handling of Inconsistent Special Elements"
},
"discovery_date": "2026-04-10T16:02:17.024798+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2457328"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Log4j Core. The XmlLayout component, responsible for formatting log messages into XML, does not properly remove or replace characters that are not allowed in XML 1.0. When log messages or diagnostic information contain these forbidden characters, the resulting XML output becomes invalid. This can lead to two main issues: either systems processing these logs will fail to read the affected records, or the logging process itself will stop delivering events, both resulting in a denial of service for logging operations.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.apache.logging.log4j/log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw in Apache Log4j Core\u0027s XmlLayout component can lead to a denial of service in logging operations when log messages contain characters forbidden by the XML 1.0 specification. Systems processing these logs may fail to read records or the logging process may cease event delivery, impacting monitoring and auditing capabilities in affected Red Hat products. Red Hat products in their default configurations will be able to automatically recover, but some log messages may be lost.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34480"
},
{
"category": "external",
"summary": "RHBZ#2457328",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457328"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34480",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34480"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34480",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34480"
},
{
"category": "external",
"summary": "https://github.com/apache/logging-log4j2/pull/4077",
"url": "https://github.com/apache/logging-log4j2/pull/4077"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/5x0hcnng0chhghp6jgjdp3qmbbhfjzhb",
"url": "https://lists.apache.org/thread/5x0hcnng0chhghp6jgjdp3qmbbhfjzhb"
},
{
"category": "external",
"summary": "https://logging.apache.org/cyclonedx/vdr.xml",
"url": "https://logging.apache.org/cyclonedx/vdr.xml"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/manual/layouts.html#XmlLayout",
"url": "https://logging.apache.org/log4j/2.x/manual/layouts.html#XmlLayout"
},
{
"category": "external",
"summary": "https://logging.apache.org/security.html#CVE-2026-34480",
"url": "https://logging.apache.org/security.html#CVE-2026-34480"
}
],
"release_date": "2026-04-10T15:42:03.843000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.apache.logging.log4j/log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging"
},
{
"cve": "CVE-2026-34481",
"cwe": {
"id": "CWE-241",
"name": "Improper Handling of Unexpected Data Type"
},
"discovery_date": "2026-04-10T16:01:44.581898+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2457321"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Log4j\u0027s JsonTemplateLayout. This vulnerability allows a remote attacker to disrupt log processing systems. By sending log events that include specific non-numeric floating-point values, the attacker can cause the JsonTemplateLayout to generate invalid JSON output. This invalid output can then lead to downstream systems rejecting or failing to index these logs, effectively causing a denial of service for log analysis.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.apache.logging.log4j: Apache Log4j JsonTemplateLayout: Denial of Service via invalid JSON output",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires an application to be configured with JsonTemplateLayout and to log attacker-controlled non-finite floating-point values within a MapMessage, which is not a default or common configuration in Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34481"
},
{
"category": "external",
"summary": "RHBZ#2457321",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457321"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34481",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34481"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34481",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34481"
},
{
"category": "external",
"summary": "https://github.com/apache/logging-log4j2/pull/4080",
"url": "https://github.com/apache/logging-log4j2/pull/4080"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n34zdv00gbkdbzt2rx9rf5mqz6lhopcv",
"url": "https://lists.apache.org/thread/n34zdv00gbkdbzt2rx9rf5mqz6lhopcv"
},
{
"category": "external",
"summary": "https://logging.apache.org/cyclonedx/vdr.xml",
"url": "https://logging.apache.org/cyclonedx/vdr.xml"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/manual/json-template-layout.html",
"url": "https://logging.apache.org/log4j/2.x/manual/json-template-layout.html"
},
{
"category": "external",
"summary": "https://logging.apache.org/security.html#CVE-2026-34481",
"url": "https://logging.apache.org/security.html#CVE-2026-34481"
}
],
"release_date": "2026-04-10T15:43:00.100000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.apache.logging.log4j: Apache Log4j JsonTemplateLayout: Denial of Service via invalid JSON output"
},
{
"cve": "CVE-2026-40984",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-06-09T05:01:51.700197+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2486716"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Micrometer. A remote attacker can provide specially crafted HTTP requests, which may lead to a denial-of-service (DoS) condition. This vulnerability allows an attacker to disrupt the availability of the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "micrometer-core: micrometer-jetty11: micrometer-jetty12: Micrometer: Denial of Service via specially crafted HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial-of-service vulnerability in Micrometer, a component present in several Red Hat products. A remote, unauthenticated attacker can exploit this flaw by sending specially crafted HTTP requests, leading to resource exhaustion and disrupting the availability of affected services. Exploitation of this flaw requires one or more HTTP server instrumentation(s), from one of the vulnerable components, to be configured to record metrics.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-40984"
},
{
"category": "external",
"summary": "RHBZ#2486716",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486716"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-40984",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40984"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40984",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40984"
},
{
"category": "external",
"summary": "https://spring.io/security/cve-2026-40984",
"url": "https://spring.io/security/cve-2026-40984"
}
],
"release_date": "2026-06-09T03:47:46.447000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "micrometer-core: micrometer-jetty11: micrometer-jetty12: Micrometer: Denial of Service via specially crafted HTTP requests"
},
{
"cve": "CVE-2026-42578",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2026-05-13T19:02:00.826936+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477226"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. The HttpProxyHandler component, which handles HTTP CONNECT requests, does not properly validate user-provided outbound headers. This allows an attacker to inject arbitrary HTTP headers into the CONNECT request sent to the proxy server. This could lead to unexpected behavior or potential bypass of security controls on the proxy server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: io.netty/netty-handler-proxy: Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42578"
},
{
"category": "external",
"summary": "RHBZ#2477226",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477226"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42578",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42578"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42578",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42578"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-45q3-82m4-75jr",
"url": "https://github.com/netty/netty/security/advisories/GHSA-45q3-82m4-75jr"
}
],
"release_date": "2026-05-13T17:57:43.538000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: io.netty/netty-handler-proxy: Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation"
},
{
"cve": "CVE-2026-42579",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-05-13T19:01:25.062732+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477217"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. Netty\u0027s DNS (Domain Name System) codec does not properly enforce domain name constraints as defined in RFC 1035 during both encoding and decoding processes. This vulnerability allows a remote attacker to exploit the decoder using malicious DNS responses or exploit the encoder through user-influenced hostnames, leading to a high integrity impact on the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important integrity flaw in Netty\u0027s DNS codec. The vulnerability arises from insufficient enforcement of RFC 1035 domain name constraints during both encoding and decoding, allowing remote attackers to manipulate DNS responses or user-controlled hostnames. This could lead to a high integrity impact on affected Red Hat products that utilize the vulnerable Netty DNS codec.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42579"
},
{
"category": "external",
"summary": "RHBZ#2477217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477217"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42579",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42579"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42579",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42579"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-cm33-6792-r9fm",
"url": "https://github.com/netty/netty/security/advisories/GHSA-cm33-6792-r9fm"
}
],
"release_date": "2026-05-13T18:01:52.500000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement"
},
{
"cve": "CVE-2026-42581",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-05-13T19:02:26.404511+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477232"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty\u0027s HttpObjectDecoder. A remote attacker can exploit this by sending a specially crafted HTTP/1.0 request that includes both `Transfer-Encoding: chunked` and `Content-Length` headers. While Netty correctly strips the conflicting `Content-Length` header for HTTP/1.1 messages, this guard is absent for HTTP/1.0. This can lead to HTTP request smuggling, where downstream proxies or handlers may misinterpret message boundaries, potentially allowing an attacker to bypass security controls or access unauthorized information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw. Netty\u0027s HttpObjectDecoder, used across various Red Hat products, improperly handles conflicting `Transfer-Encoding: chunked` and `Content-Length` headers in HTTP/1.0 requests. This allows a remote attacker to perform HTTP request smuggling, potentially bypassing security controls or gaining unauthorized access to information due to misinterpretation of message boundaries by downstream proxies or handlers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42581"
},
{
"category": "external",
"summary": "RHBZ#2477232",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477232"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42581",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42581"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42581",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42581"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9",
"url": "https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9"
}
],
"release_date": "2026-05-13T17:54:44.492000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"category": "workaround",
"details": "To mitigate this issue, configure any reverse proxies or load balancers in front of Netty to either reject HTTP/1.0 requests containing both Transfer-Encoding: chunked and Content-Length headers, or to explicitly prioritize the Transfer-Encoding header over Content-Length for HTTP/1.0 traffic. This ensures consistent interpretation of message boundaries and prevents request smuggling attacks.",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers"
},
{
"cve": "CVE-2026-42584",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-05-13T19:01:51.846351+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477224"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, an asynchronous, event-driven network application framework. A remote attacker could exploit this vulnerability by sending a specific sequence of HTTP responses (103, followed by a 200 with a GET body, then another 200 for a HEAD request) when the client pipelines GET then HEAD requests. This can cause the HttpClientCodec to incorrectly pair responses, leading to subsequent HTTP responses being parsed from the wrong offset. This issue may result in information disclosure or other data integrity problems due to misinterpretation of network traffic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A flaw in Netty\u0027s HttpClientCodec allows a remote attacker to cause data confusion. By sending a specially crafted sequence of HTTP responses, an attacker can cause subsequent HTTP responses to be parsed incorrectly, potentially leading to information disclosure or data integrity issues in applications utilizing Netty for HTTP client operations. This vulnerability affects various Red Hat products that bundle Netty, including Red Hat AMQ, Enterprise Application Platform, Red Hat Build of Quarkus, and Red Hat Build of Keycloak.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42584"
},
{
"category": "external",
"summary": "RHBZ#2477224",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477224"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42584",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42584"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42584",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42584"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-57rv-r2g8-2cj3",
"url": "https://github.com/netty/netty/security/advisories/GHSA-57rv-r2g8-2cj3"
}
],
"release_date": "2026-05-13T18:10:48.437000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion"
},
{
"cve": "CVE-2026-42586",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2026-05-13T19:01:07.234596+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477213"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, an asynchronous, event-driven network application framework. The Netty Redis codec encoder (RedisEncoder) does not properly validate or sanitize user-controlled string content for CRLF (Carriage Return Line Feed) characters. A remote attacker, by controlling the content of a Redis message, can inject arbitrary Redis commands or forge fake responses. This can lead to a high impact on data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-redis: Netty: Command injection via CRLF characters in Redis codec encoder",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42586"
},
{
"category": "external",
"summary": "RHBZ#2477213",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477213"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42586",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42586"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42586",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42586"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-rgrr-p7gp-5xj7",
"url": "https://github.com/netty/netty/security/advisories/GHSA-rgrr-p7gp-5xj7"
}
],
"release_date": "2026-05-13T18:20:46.999000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty-codec-redis: Netty: Command injection via CRLF characters in Redis codec encoder"
},
{
"cve": "CVE-2026-42587",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-05-13T19:01:35.415881+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477220"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. A remote attacker can bypass the configured decompression limit in the HttpContentDecompressor by sending a specially crafted compressed payload using Brotli (br), Zstandard (zstd), or Snappy content encodings. This can lead to unbounded memory allocation, resulting in an out-of-memory Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in Netty\u0027s HTTP content decompression. A remote attacker can exploit this flaw by sending specially crafted compressed payloads using Brotli, Zstandard, or Snappy encodings, bypassing configured decompression limits. This leads to unbounded memory allocation, potentially causing an out-of-memory condition and rendering affected Red Hat systems unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42587"
},
{
"category": "external",
"summary": "RHBZ#2477220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477220"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42587",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42587"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42587",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42587"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv"
}
],
"release_date": "2026-05-13T18:22:21.699000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression"
},
{
"cve": "CVE-2026-44248",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-05-13T19:02:22.095946+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477231"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, an asynchronous event-driven network application framework. A remote attacker can exploit this vulnerability by sending a crafted MQTT 5 header with an oversized Properties section. This causes Netty to repeatedly parse and buffer the large Properties section in memory before any message size limits are applied, leading to high CPU and memory consumption. This can result in a Denial of Service (DoS) condition, making the affected system unavailable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: io.netty/netty-codec-mqtt: Netty: Denial of Service due to excessive resource consumption from crafted MQTT 5 header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44248"
},
{
"category": "external",
"summary": "RHBZ#2477231",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477231"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44248",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44248"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44248",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44248"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-jfg9-48mv-9qgx",
"url": "https://github.com/netty/netty/security/advisories/GHSA-jfg9-48mv-9qgx"
}
],
"release_date": "2026-05-13T18:23:37.563000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: io.netty/netty-codec-mqtt: Netty: Denial of Service due to excessive resource consumption from crafted MQTT 5 header"
},
{
"cve": "CVE-2026-44249",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"discovery_date": "2026-06-11T22:02:05.327173+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488081"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in netty-handler, a component of the Netty network application framework. A remote attacker can exploit an incorrect masking operation in the IpSubnetFilterRule.compareTo() function to bypass configured IPv6 subnet rules. This allows valid public IP addresses to circumvent intended network restrictions, potentially leading to unauthorized access or exposure of services.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in netty-handler is rated as Important because a remote attacker can bypass configured IPv6 subnet filtering rules. This flaw, stemming from an incorrect masking operation, could allow unauthorized access to or exposure of services that are intended to be network-restricted within Red Hat products utilizing the affected Netty component.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44249"
},
{
"category": "external",
"summary": "RHBZ#2488081",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488081"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44249",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44249"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44249",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44249"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-3qp7-7mw8-wx86",
"url": "https://github.com/netty/netty/security/advisories/GHSA-3qp7-7mw8-wx86"
}
],
"release_date": "2026-06-11T20:46:14.110000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation"
},
{
"cve": "CVE-2026-44250",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-06-11T22:01:16.373607+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488062"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in netty-codec-redis. A remote attacker can exploit this vulnerability by sending a specially crafted Redis payload containing deeply nested arrays. This action forces the server to allocate a large number of state objects and collections, leading to memory exhaustion. Consequently, this can result in a Denial of Service (DoS) condition, rendering the affected server unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-redis: netty-codec-redis: Denial of Service via crafted Redis payload with deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in netty-codec-redis, affecting Red Hat products that process Redis payloads. A remote attacker can exhaust server memory by sending a crafted Redis payload with deeply nested arrays, leading to an OutOfMemoryError and rendering the service unresponsive. This impact is significant due to the potential for complete service disruption without authentication.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44250"
},
{
"category": "external",
"summary": "RHBZ#2488062",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488062"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44250",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44250"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44250",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44250"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-3244-j874-rhc2",
"url": "https://github.com/netty/netty/security/advisories/GHSA-3244-j874-rhc2"
}
],
"release_date": "2026-06-11T20:49:00.487000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"category": "workaround",
"details": "To mitigate this issue, restrict network access to services utilizing netty-codec-redis to trusted clients and networks only. Implement firewall rules to limit exposure of the Redis service or the application using it to prevent unauthenticated remote attackers from sending malicious payloads. This may impact legitimate client connections if not configured carefully. A service restart may be required for firewall rule changes to take effect.",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-codec-redis: netty-codec-redis: Denial of Service via crafted Redis payload with deeply nested arrays"
},
{
"cve": "CVE-2026-44417",
"cwe": {
"id": "CWE-15",
"name": "External Control of System or Configuration Setting"
},
"discovery_date": "2026-05-22T13:00:55.251571+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480729"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache CXF. Untrusted users, if allowed to configure Java Message Service (JMS) for Apache CXF, can exploit this vulnerability to achieve remote code execution (RCE). This issue arises from an incomplete fix for a prior security flaw, indicating an alternative path that could lead to code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.apache.cxf/cxf-rt-transports-jms: Apache CXF: Remote Code Execution via untrusted JMS configuration",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in Apache CXF where an incomplete fix for a prior vulnerability allows remote code execution. Exploitation requires that untrusted users have permissions to configure Java Message Service (JMS) within the Apache CXF environment, which is not a default configuration in Red Hat products. Successful exploitation could lead to arbitrary code execution with the privileges of the affected service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44417"
},
{
"category": "external",
"summary": "RHBZ#2480729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480729"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44417",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44417"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44417",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44417"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/bqg6gjy2cx7rfyqjxcpv3jwjvmclvz4o",
"url": "https://lists.apache.org/thread/bqg6gjy2cx7rfyqjxcpv3jwjvmclvz4o"
}
],
"release_date": "2026-05-22T12:17:25.102000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"category": "workaround",
"details": "To mitigate this issue, ensure that only trusted users have permissions to configure Java Message Service (JMS) for Apache CXF. Restrict access to configuration files and management interfaces that control JMS settings. If JMS functionality is not required, consider disabling it to remove the attack vector.",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "org.apache.cxf/cxf-rt-transports-jms: Apache CXF: Remote Code Execution via untrusted JMS configuration"
},
{
"cve": "CVE-2026-44890",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-06-11T22:00:53.322242+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488053"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in netty-codec-redis. A remote attacker can exploit this vulnerability by sending specially crafted Redis payloads across multiple connections without proper termination. This can exhaust the server\u0027s direct memory pool, leading to a Denial of Service (DoS) condition where legitimate connections cannot be processed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-redis: netty-codec-redis: Denial of Service via crafted Redis payloads",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as Important as it allows a remote, unauthenticated attacker to cause a denial of service in applications utilizing `netty-codec-redis` or `netty-handler`. By sending specially crafted Redis payloads without proper termination, an attacker can exhaust the server\u0027s direct memory pool, preventing legitimate connections and disrupting service availability. This impacts Red Hat products that process Redis traffic via affected Netty components.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44890"
},
{
"category": "external",
"summary": "RHBZ#2488053",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488053"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44890",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44890"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44890",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44890"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-6ghj-frrj-jjj3",
"url": "https://github.com/netty/netty/security/advisories/GHSA-6ghj-frrj-jjj3"
}
],
"release_date": "2026-06-11T20:52:50.980000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-codec-redis: netty-codec-redis: Denial of Service via crafted Redis payloads"
},
{
"cve": "CVE-2026-44893",
"cwe": {
"id": "CWE-805",
"name": "Buffer Access with Incorrect Length Value"
},
"discovery_date": "2026-06-12T15:01:18.066312+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488383"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in netty-codec-haproxy, a component of the Netty network application framework. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy message with a malformed PP2_TYPE_SSL TLV (Type-Length-Value) header. This can lead to an IndexOutOfBoundsException and prevent the release of retained memory, ultimately causing a Denial of Service (DoS) condition for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as Important because a remote, unauthenticated attacker can trigger a denial of service in applications utilizing `netty-codec-haproxy`. By sending a specially crafted HAProxy message with a malformed SSL TLV header, an attacker can cause an `IndexOutOfBoundsException`, leading to unreleased memory and resource exhaustion. This can render the affected application unresponsive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44893"
},
{
"category": "external",
"summary": "RHBZ#2488383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488383"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44893",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44893"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44893",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44893"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-cc37-9q2j-3hfv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-cc37-9q2j-3hfv"
}
],
"release_date": "2026-06-12T14:00:25.801000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message"
},
{
"cve": "CVE-2026-44930",
"cwe": {
"id": "CWE-90",
"name": "Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)"
},
"discovery_date": "2026-05-22T13:00:51.621372+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480728"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache CXF. A remote attacker could exploit an LDAP injection vulnerability in the LDAP Certificate repository of the XKMS server. This vulnerability allows the attacker to retrieve arbitrary certificates from the repository, leading to information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-cxf: org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap: Apache CXF: Information Disclosure via LDAP Injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important information disclosure flaw in Apache CXF\u0027s XKMS server, allowing a remote attacker to retrieve arbitrary certificates via an LDAP injection vulnerability in the LDAP Certificate repository. This impact is considered Important due to the potential for unauthorized access to sensitive cryptographic material without requiring prior authentication, affecting the confidentiality of services utilizing the cxf-services-xkms-x509-repo-ldap component in Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44930"
},
{
"category": "external",
"summary": "RHBZ#2480728",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480728"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44930",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44930"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44930",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44930"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/c1zqxppo1m5z3kbdhjn5p991zk09ynkh",
"url": "https://lists.apache.org/thread/c1zqxppo1m5z3kbdhjn5p991zk09ynkh"
}
],
"release_date": "2026-05-22T12:16:47.230000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "apache-cxf: org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap: Apache CXF: Information Disclosure via LDAP Injection"
},
{
"cve": "CVE-2026-45416",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-06-12T15:01:45.671884+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488391"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a crafted TLS (Transport Layer Security) ClientHello message. This can lead to an eager allocation of a large memory buffer, causing a Denial of Service (DoS) due to excessive memory consumption. The issue occurs in the `SslClientHelloHandler.decode()` method when processing the TLS handshake length.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Netty is rated as Important. It allows a remote attacker to trigger a denial of service by sending a specially crafted TLS ClientHello message. The flaw arises from an eager, unbounded memory allocation during the TLS handshake, particularly when default configurations disable the maximum client hello length guard, leading to excessive resource consumption in affected Red Hat products utilizing Netty.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-45416"
},
{
"category": "external",
"summary": "RHBZ#2488391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488391"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-45416",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45416"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45416",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45416"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-x4gw-5cx5-pgmh",
"url": "https://github.com/netty/netty/security/advisories/GHSA-x4gw-5cx5-pgmh"
}
],
"release_date": "2026-06-12T14:10:05.585000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"category": "workaround",
"details": "To mitigate this issue, configure applications utilizing Netty\u0027s `SslClientHelloHandler` to specify a non-zero value for the `maxClientHelloLength` parameter. This will enable the internal length validation, preventing the eager allocation of large memory buffers when processing crafted TLS ClientHello messages. Refer to your specific application\u0027s documentation for details on configuring Netty\u0027s TLS handler. A restart of the affected application or service is required for the configuration changes to take effect.",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake"
},
{
"cve": "CVE-2026-45674",
"cwe": {
"id": "CWE-346",
"name": "Origin Validation Error"
},
"discovery_date": "2026-06-12T15:02:15.565158+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488400"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty\u0027s DnsResolveContext. This vulnerability allows a remote attacker to achieve information disclosure or data manipulation by crafting malicious DNS responses. The flaw occurs because the DnsResolveContext fails to validate the origin (bailiwick) of CNAME records in DNS responses, which could enable an attacker to redirect network traffic or intercept sensitive data from affected applications.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important severity flaw in Netty\u0027s DnsResolveContext allows a remote attacker to achieve information disclosure or data manipulation. By crafting malicious DNS responses, an attacker could redirect network traffic or intercept sensitive data, impacting applications utilizing Netty for DNS resolution in Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-45674"
},
{
"category": "external",
"summary": "RHBZ#2488400",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488400"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-45674",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45674"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45674",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45674"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-676x-f7gg-47vc",
"url": "https://github.com/netty/netty/security/advisories/GHSA-676x-f7gg-47vc"
}
],
"release_date": "2026-06-12T14:17:50.203000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation"
},
{
"cve": "CVE-2026-46340",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-06-12T15:01:34.090215+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488388"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in netty-transport-sctp. A remote attacker can exploit this vulnerability by sending specially crafted, non-complete Stream Control Transmission Protocol (SCTP) message fragments. This can lead to unbounded memory growth within the application, causing a Denial of Service (DoS) condition. The affected component fails to limit the size or number of these fragments, allowing an attacker to consume excessive system resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-transport-sctp: Netty-transport-sctp: Denial of Service due to unbounded memory growth from SctpMessage fragments",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "An Important denial of service flaw exists in `netty-transport-sctp`, a component used across various Red Hat products. A remote, unauthenticated attacker can exploit this vulnerability by sending fragmented Stream Control Transmission Protocol (SCTP) messages without the completion flag. This leads to unbounded memory growth and resource exhaustion, causing a complete denial of service for applications utilizing the affected Netty component.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46340"
},
{
"category": "external",
"summary": "RHBZ#2488388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46340",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46340"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46340",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46340"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-5xrh-qmmq-w6ch",
"url": "https://github.com/netty/netty/security/advisories/GHSA-5xrh-qmmq-w6ch"
}
],
"release_date": "2026-06-12T14:19:48.855000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-transport-sctp: Netty-transport-sctp: Denial of Service due to unbounded memory growth from SctpMessage fragments"
},
{
"cve": "CVE-2026-47691",
"cwe": {
"id": "CWE-346",
"name": "Origin Validation Error"
},
"discovery_date": "2026-06-12T16:02:45.855856+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488439"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty\u0027s `DnsResolveContext`. An attacker controlling an authoritative name server for a subdomain can exploit this vulnerability by providing crafted NS records that are insufficiently validated. This allows the attacker to poison the DNS cache for parent domains, bypassing standard bailiwick rules. Consequently, future DNS resolutions for the affected parent domain will use the poisoned cache, potentially redirecting users to malicious servers and leading to information disclosure or integrity compromise.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in Netty\u0027s DNS resolution component, `netty-resolver-dns`, allows for DNS cache poisoning. An attacker with control over an authoritative name server for a subdomain could exploit this vulnerability to inject malicious DNS records into the cache of parent domains. This could lead to redirection of network traffic, impacting the integrity and availability of services relying on DNS resolution within affected Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-47691"
},
{
"category": "external",
"summary": "RHBZ#2488439",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488439"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-47691",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47691"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-47691",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47691"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-5pvg-856g-cp85",
"url": "https://github.com/netty/netty/security/advisories/GHSA-5pvg-856g-cp85"
}
],
"release_date": "2026-06-12T14:33:16.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records"
},
{
"cve": "CVE-2026-48006",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2026-06-12T16:02:27.195680+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488433"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in netty-codec-redis. A remote attacker can exploit this vulnerability by repeatedly closing Redis pipeline connections before a Redis array aggregate completes. This leads to a permanent leak of direct-memory buffers, which prevents memory chunks from being returned to the shared memory pool. Over time, this can exhaust the available memory, causing a Denial of Service (DoS) for all Netty channels in the process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-redis: Netty\u0027s Lack of Lifecycle Cleanup Leads to Pooled ByteBuf Leak in RedisArrayAggregator",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in Netty\u0027s RedisArrayAggregator. Repeated connection churn by a network peer can lead to a permanent leak of direct-memory buffers, eventually exhausting the JVM-wide direct-memory pool. This can cause allocation failures across all Netty channels, impacting the availability and stability of Red Hat products utilizing Netty for Redis communication.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-48006"
},
{
"category": "external",
"summary": "RHBZ#2488433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488433"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-48006",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48006"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-48006",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48006"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-6jv9-x5w9-2ccm",
"url": "https://github.com/netty/netty/security/advisories/GHSA-6jv9-x5w9-2ccm"
}
],
"release_date": "2026-06-12T14:36:44.416000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-codec-redis: Netty\u0027s Lack of Lifecycle Cleanup Leads to Pooled ByteBuf Leak in RedisArrayAggregator"
},
{
"cve": "CVE-2026-48043",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2026-06-12T16:02:56.371830+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488442"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in netty-codec-http2. A remote attacker could send specially crafted frames that cause a resource leak within the `DelegatingDecompressorFrameListener` class. This resource leak could lead to an Out Of Memory Error (OOME), potentially causing a Denial of Service (DoS) by taking down the entire Java Virtual Machine (JVM).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in netty-codec-http2, affecting Red Hat products that utilize HTTP/2 communication with decompression. A remote attacker can exploit a resource leak in the `DelegatingDecompressorFrameListener` by sending malformed HTTP/2 frames, potentially leading to an Out Of Memory Error and causing the Java Virtual Machine to terminate. This could disrupt service availability in affected deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-48043"
},
{
"category": "external",
"summary": "RHBZ#2488442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488442"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-48043",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48043"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-48043",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48043"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-c2gf-v879-257j",
"url": "https://github.com/netty/netty/security/advisories/GHSA-c2gf-v879-257j"
}
],
"release_date": "2026-06-12T14:39:52.498000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak"
},
{
"cve": "CVE-2026-48059",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-06-12T16:02:40.032749+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488437"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Netty HAProxy PROXY protocol v2 codec. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy PROXY protocol v2 header with nested `PP2_TYPE_SSL` type-length-value (TLV) records. This can lead to a memory leak, causing the underlying cumulation buffer to remain permanently pinned and potentially resulting in a Denial of Service (DoS) due to resource exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in the Netty HAProxy PROXY protocol v2 codec, which can lead to a denial of service. A remote attacker can trigger a memory leak by sending a specially crafted HAProxy PROXY protocol v2 header with deeply nested SSL TLV records, causing resource exhaustion in affected Red Hat products that utilize this codec.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-48059"
},
{
"category": "external",
"summary": "RHBZ#2488437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488437"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-48059",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48059"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-48059",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48059"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-h2qv-fj59-j46j",
"url": "https://github.com/netty/netty/security/advisories/GHSA-h2qv-fj59-j46j"
}
],
"release_date": "2026-06-12T14:42:44.677000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers"
},
{
"cve": "CVE-2026-49875",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2026-06-12T10:01:23.698724+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488309"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache CXF. The EndpointReferenceUtils and W3CMultiSchemaFactory classes within Apache CXF construct a SAXParserFactory without proper security configurations. This oversight enables out-of-band (OOB) external entity resolution, a type of XML External Entity (XXE) vulnerability. A remote attacker could exploit this to disclose sensitive information from the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cxf: org.apache.cxf/cxf-core: Apache CXF: Information disclosure via out-of-band external entity resolution due to missing JAXP hardening",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important information disclosure vulnerability in Apache CXF, affecting Red Hat products that bundle the component, such as Enterprise Application Platform, JBoss Web Server, and Red Hat Single Sign-On. The flaw allows a remote attacker to disclose sensitive information due to improper XML parsing configurations, which can be exploited without user interaction.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-49875"
},
{
"category": "external",
"summary": "RHBZ#2488309",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488309"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-49875",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-49875"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-49875",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-49875"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2026/06/11/2",
"url": "http://www.openwall.com/lists/oss-security/2026/06/11/2"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/3kb9w5bg90xcp06fccoz9k3gpsvyy79o",
"url": "https://lists.apache.org/thread/3kb9w5bg90xcp06fccoz9k3gpsvyy79o"
}
],
"release_date": "2026-06-12T08:54:50.103000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cxf: org.apache.cxf/cxf-core: Apache CXF: Information disclosure via out-of-band external entity resolution due to missing JAXP hardening"
},
{
"cve": "CVE-2026-50010",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-06-12T16:02:13.735675+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488429"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, a network application framework. This vulnerability allows a remote attacker to bypass hostname verification due to improper handling of user-supplied trust managers. When a client is configured with a plain X.509 Trust Manager (X509TrustManager), it fails to perform necessary hostname checks, enabling an attacker to impersonate a legitimate server. This could lead to sensitive information disclosure or man-in-the-middle attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in Netty that affects Red Hat products utilizing the `netty-handler` component, including various Red Hat AMQ, Enterprise Application Platform, and OpenShift offerings. The vulnerability arises when a Netty client is configured with a plain X.509 Trust Manager, leading to a bypass of hostname verification. This oversight allows a remote attacker to perform man-in-the-middle attacks by impersonating a legitimate server, potentially compromising sensitive data.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-50010"
},
{
"category": "external",
"summary": "RHBZ#2488429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488429"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-50010",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-50010"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-50010",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50010"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-c653-97m9-rcg9",
"url": "https://github.com/netty/netty/security/advisories/GHSA-c653-97m9-rcg9"
}
],
"release_date": "2026-06-12T14:50:43.151000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass"
},
{
"cve": "CVE-2026-50011",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-06-12T16:01:17.003045+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488413"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, a network application framework. The RedisArrayAggregator component pre-allocates memory based on the declared element count in a Redis array header. A remote attacker can exploit this by sending a small, malicious Redis array header that claims a huge initial capacity, leading to excessive memory pre-allocation. This can result in a denial of service (DoS) due to resource exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-redis: Netty: Denial of Service via malicious Redis array header",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in Netty\u0027s RedisArrayAggregator component. A remote, unauthenticated attacker can exploit this flaw by sending a specially crafted Redis array header, causing excessive memory pre-allocation and leading to resource exhaustion. This can disrupt services utilizing Netty for Redis communication.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-50011"
},
{
"category": "external",
"summary": "RHBZ#2488413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-50011",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-50011"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-50011",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50011"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-5w86-c3rq-vjj7",
"url": "https://github.com/netty/netty/security/advisories/GHSA-5w86-c3rq-vjj7"
}
],
"release_date": "2026-06-12T14:52:18.042000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"category": "workaround",
"details": "To mitigate this issue, restrict network access to services that utilize the netty-codec-redis component and process Redis traffic. Configure firewalls or network access control lists (ACLs) to limit connections to these services from trusted networks or localhost only. This reduces the attack surface by preventing untrusted remote attackers from sending malicious Redis array headers. Consult product-specific documentation for detailed instructions on configuring network access for affected Red Hat products. Reloading or restarting services may be required for network configuration changes to take effect, which could temporarily impact availability.",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-codec-redis: Netty: Denial of Service via malicious Redis array header"
},
{
"cve": "CVE-2026-50627",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2026-06-12T10:00:52.910705+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488298"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache CXF. The `JwtAccessTokenValidator` class fails to properly validate the \u0027aud\u0027 (Audience) claims within incoming JSON Web Token (JWT) access tokens. This vulnerability allows an attacker to reuse a JWT, originally intended for one resource server, against a different resource server. This can lead to token confusion and routing attacks, potentially granting unauthorized access or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-cxf: org.apache.cxf/cxf-rt-rs-security-oauth2: Apache CXF: Token Confusion/Routing attacks due to improper validation of JWT audience claims",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has assessed the severity of this vulnerability as Important. Although authentication is required (the attacker must possess a valid JWT issued for some resource server), the flaw allows unauthorized access to protected resources on any other resource server using Apache CXF\u0027s JwtAccessTokenValidator, enabling full read/write operations across trust boundaries due to the complete absence of audience claim validation in the default configuration.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-50627"
},
{
"category": "external",
"summary": "RHBZ#2488298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488298"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-50627",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-50627"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-50627",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50627"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2026/06/11/4",
"url": "http://www.openwall.com/lists/oss-security/2026/06/11/4"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/0jfzz9q992957b99tw7hodcqjfyxwb1m",
"url": "https://lists.apache.org/thread/0jfzz9q992957b99tw7hodcqjfyxwb1m"
}
],
"release_date": "2026-06-12T08:55:41.657000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "apache-cxf: org.apache.cxf/cxf-rt-rs-security-oauth2: Apache CXF: Token Confusion/Routing attacks due to improper validation of JWT audience claims"
},
{
"cve": "CVE-2026-50628",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2026-06-12T10:01:04.467498+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488302"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the OAuthRequestFilter component of cxf. A logic error in this filter inadvertently creates an inverse security check when enabled. This issue causes legitimate requests from a bound IP address to be rejected, while requests from any other IP address are blindly allowed. This could lead to unauthorized access to resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cxf: org.apache.cxf/cxf-rt-rs-security-oauth2: cxf: Unauthorized access due to logic error in OAuthRequestFilter",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has assessed the severity of this vulnerability as Important, given that it requires the attacker to first obtain a valid OAuth2 access token through a separate attack vector (such as token leakage, network interception, or log exposure) before exploitation is possible. Successful exploitation allows an attacker to replay a stolen token from any IP address, bypassing the sender-constrained token binding security control and gaining unauthorized access to protected resources as the legitimate token holder. The vulnerability\u0027s root cause is an inverted logic check in the IP binding validation of the cxf-rt-rs-security-oauth2 module, which permits token usage from non-matching IP addresses instead of rejecting it.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-50628"
},
{
"category": "external",
"summary": "RHBZ#2488302",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488302"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-50628",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-50628"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-50628",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50628"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2026/06/11/5",
"url": "http://www.openwall.com/lists/oss-security/2026/06/11/5"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/vb3ho8lf228gh90m1fpnohf2008xrdxk",
"url": "https://lists.apache.org/thread/vb3ho8lf228gh90m1fpnohf2008xrdxk"
}
],
"release_date": "2026-06-12T08:56:28.526000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cxf: org.apache.cxf/cxf-rt-rs-security-oauth2: cxf: Unauthorized access due to logic error in OAuthRequestFilter"
},
{
"cve": "CVE-2026-50632",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2026-06-12T10:01:09.993388+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488304"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache CXF. This vulnerability, stemming from an incomplete fix for a previous issue, allows untrusted users who can configure Java Message Service (JMS) for Apache CXF to achieve arbitrary code execution. This could lead to a complete compromise of the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cxf: org.apache.cxf/cxf-rt-transports-jms: Apache CXF: Arbitrary code execution via untrusted JMS configuration",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in Apache CXF\u0027s JMS transport allows arbitrary code execution. The vulnerability occurs when untrusted users can configure Java Message Service (JMS) for Apache CXF, potentially leading to a complete system compromise. This risk is present in environments where JMS configuration is accessible to or managed by untrusted entities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-50632"
},
{
"category": "external",
"summary": "RHBZ#2488304",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488304"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-50632",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-50632"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-50632",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50632"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/740ghch5z5y675cn2kzgtyo5k37n6qcw",
"url": "https://lists.apache.org/thread/740ghch5z5y675cn2kzgtyo5k37n6qcw"
}
],
"release_date": "2026-06-12T09:00:48.530000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"category": "workaround",
"details": "To mitigate this issue, ensure that only trusted administrators have the necessary permissions to configure Java Message Service (JMS) for Apache CXF. Restricting access to JMS configuration prevents untrusted users from exploiting this vulnerability. Review and enforce strict access controls on systems where Apache CXF is deployed with JMS transport.",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cxf: org.apache.cxf/cxf-rt-transports-jms: Apache CXF: Arbitrary code execution via untrusted JMS configuration"
},
{
"cve": "CVE-2026-50633",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2026-06-12T10:01:18.069803+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488307"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache CXF\u0027s JCA integration module. This Java Naming and Directory Interface (JNDI) Injection vulnerability allows for arbitrary code execution. A remote attacker could exploit this by manipulating the Java EE Connector Architecture (JCA) deployment descriptor (ra.xml) or runtime activation parameters, leading to the execution of malicious code on the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-cxf: org.apache.cxf/cxf-integration-jca: Apache CXF: Arbitrary code execution via JNDI Injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important vulnerability in Apache CXF\u0027s JCA integration module, as shipped in Red Hat products such as JBoss Fuse and Red Hat build of Apache Camel. This JNDI Injection flaw could lead to arbitrary code execution if an attacker successfully manipulates the JCA deployment descriptor or runtime activation parameters. The high attack complexity indicates specific conditions are required for successful exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-50633"
},
{
"category": "external",
"summary": "RHBZ#2488307",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488307"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-50633",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-50633"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-50633",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50633"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2026/06/11/10",
"url": "http://www.openwall.com/lists/oss-security/2026/06/11/10"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/1czhgovkgzdkyp3t61wthn0foogh2grf",
"url": "https://lists.apache.org/thread/1czhgovkgzdkyp3t61wthn0foogh2grf"
}
],
"release_date": "2026-06-12T09:02:02.547000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T15:29:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "apache-cxf: org.apache.cxf/cxf-integration-jca: Apache CXF: Arbitrary code execution via JNDI Injection"
}
]
}
SUSE-SU-2026:2308-1
Vulnerability from csaf_suse - Published: 2026-06-09 08:13 - Updated: 2026-06-09 08:13| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for netty, netty-tcnative",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for netty, netty-tcnative fixes the following issues\n\n- CVE-2026-41417: missing validations leads to HTTP request smuggling and RTSP request injection via start-line\n injection in `DefaultHttpRequest.setUri()` (bsc#1264350).\n- CVE-2026-42578: HTTP Header Injection via HttpProxyHandler Disabled Validation in Netty (bsc#1265243).\n- CVE-2026-42579: DNS codec does not enforce RFC 1035 domain name constraints during either encoding or decoding\n (bsc#1265272).\n- CVE-2026-42580: chunk size parser silently overflows int and enables request smuggling attacks (bsc#1265273).\n- CVE-2026-42581: TE+CL header coexistence in HTTP/1.0 requests bypasses smuggling sanitization (bsc#1265277).\n- CVE-2026-42583: resource exhaustion and possible denial of service via `Lz4FrameDecoder` (bsc#1265279).\n- CVE-2026-42584: improper handling of inbound responses in `HttpClientCodec` can lead to response desynchronization\n (bsc#1265280).\n- CVE-2026-42585: Netty is an asynchronous, event-driven network application framework (bsc#1265292).\n- CVE-2026-42586: CRLF Injection in Netty Redis Codec Encoder (bsc#1265245).\n- CVE-2026-42587: HttpContentDecompressor maxAllocation bypass via Content-Encoding: br/zstd/snappy enables\n decompression bomb DoS (bsc#1265246).\n- CVE-2026-44248: Netty is an asynchronous, event-driven network application framework (bsc#1265294).\n- CVE-2026-42582: HTTP/3 QPACK literal unbounded allocation (bsc#1265318). \n\nChanges for netty:\n\n- Upgrade to upstream version 4.1.133\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-2308,SUSE-SLE-Module-Development-Tools-15-SP7-2026-2308,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2308,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2308,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2308,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2308,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2308,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2308,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2308,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2308,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2308,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2308,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2308",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_2308-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:2308-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20262308-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:2308-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-June/047194.html"
},
{
"category": "self",
"summary": "SUSE Bug 1264350",
"url": "https://bugzilla.suse.com/1264350"
},
{
"category": "self",
"summary": "SUSE Bug 1265243",
"url": "https://bugzilla.suse.com/1265243"
},
{
"category": "self",
"summary": "SUSE Bug 1265245",
"url": "https://bugzilla.suse.com/1265245"
},
{
"category": "self",
"summary": "SUSE Bug 1265246",
"url": "https://bugzilla.suse.com/1265246"
},
{
"category": "self",
"summary": "SUSE Bug 1265272",
"url": "https://bugzilla.suse.com/1265272"
},
{
"category": "self",
"summary": "SUSE Bug 1265273",
"url": "https://bugzilla.suse.com/1265273"
},
{
"category": "self",
"summary": "SUSE Bug 1265277",
"url": "https://bugzilla.suse.com/1265277"
},
{
"category": "self",
"summary": "SUSE Bug 1265279",
"url": "https://bugzilla.suse.com/1265279"
},
{
"category": "self",
"summary": "SUSE Bug 1265280",
"url": "https://bugzilla.suse.com/1265280"
},
{
"category": "self",
"summary": "SUSE Bug 1265292",
"url": "https://bugzilla.suse.com/1265292"
},
{
"category": "self",
"summary": "SUSE Bug 1265294",
"url": "https://bugzilla.suse.com/1265294"
},
{
"category": "self",
"summary": "SUSE Bug 1265318",
"url": "https://bugzilla.suse.com/1265318"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-41417 page",
"url": "https://www.suse.com/security/cve/CVE-2026-41417/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42578 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42578/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42579 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42579/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42580 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42580/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42581 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42581/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42582 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42582/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42583 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42584 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42584/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42585 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42585/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42586 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42586/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42587 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-44248 page",
"url": "https://www.suse.com/security/cve/CVE-2026-44248/"
}
],
"title": "Security update for netty, netty-tcnative",
"tracking": {
"current_release_date": "2026-06-09T08:13:58Z",
"generator": {
"date": "2026-06-09T08:13:58Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:2308-1",
"initial_release_date": "2026-06-09T08:13:58Z",
"revision_history": [
{
"date": "2026-06-09T08:13:58Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "netty-4.1.133-150200.4.46.1.aarch64",
"product": {
"name": "netty-4.1.133-150200.4.46.1.aarch64",
"product_id": "netty-4.1.133-150200.4.46.1.aarch64"
}
},
{
"category": "product_version",
"name": "netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"product": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"product_id": "netty-tcnative-2.0.77-150200.3.39.1.aarch64"
}
},
{
"category": "product_version",
"name": "netty-tcnative-openssl-dynamic-2.0.77-150200.3.39.1.aarch64",
"product": {
"name": "netty-tcnative-openssl-dynamic-2.0.77-150200.3.39.1.aarch64",
"product_id": "netty-tcnative-openssl-dynamic-2.0.77-150200.3.39.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "netty-4.1.133-150200.4.46.1.i586",
"product": {
"name": "netty-4.1.133-150200.4.46.1.i586",
"product_id": "netty-4.1.133-150200.4.46.1.i586"
}
},
{
"category": "product_version",
"name": "netty-tcnative-2.0.77-150200.3.39.1.i586",
"product": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.i586",
"product_id": "netty-tcnative-2.0.77-150200.3.39.1.i586"
}
},
{
"category": "product_version",
"name": "netty-tcnative-openssl-dynamic-2.0.77-150200.3.39.1.i586",
"product": {
"name": "netty-tcnative-openssl-dynamic-2.0.77-150200.3.39.1.i586",
"product_id": "netty-tcnative-openssl-dynamic-2.0.77-150200.3.39.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "netty-bom-4.1.133-150200.4.46.1.noarch",
"product": {
"name": "netty-bom-4.1.133-150200.4.46.1.noarch",
"product_id": "netty-bom-4.1.133-150200.4.46.1.noarch"
}
},
{
"category": "product_version",
"name": "netty-javadoc-4.1.133-150200.4.46.1.noarch",
"product": {
"name": "netty-javadoc-4.1.133-150200.4.46.1.noarch",
"product_id": "netty-javadoc-4.1.133-150200.4.46.1.noarch"
}
},
{
"category": "product_version",
"name": "netty-parent-4.1.133-150200.4.46.1.noarch",
"product": {
"name": "netty-parent-4.1.133-150200.4.46.1.noarch",
"product_id": "netty-parent-4.1.133-150200.4.46.1.noarch"
}
},
{
"category": "product_version",
"name": "netty-tcnative-javadoc-2.0.77-150200.3.39.1.noarch",
"product": {
"name": "netty-tcnative-javadoc-2.0.77-150200.3.39.1.noarch",
"product_id": "netty-tcnative-javadoc-2.0.77-150200.3.39.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "netty-4.1.133-150200.4.46.1.ppc64le",
"product": {
"name": "netty-4.1.133-150200.4.46.1.ppc64le",
"product_id": "netty-4.1.133-150200.4.46.1.ppc64le"
}
},
{
"category": "product_version",
"name": "netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"product": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"product_id": "netty-tcnative-2.0.77-150200.3.39.1.ppc64le"
}
},
{
"category": "product_version",
"name": "netty-tcnative-openssl-dynamic-2.0.77-150200.3.39.1.ppc64le",
"product": {
"name": "netty-tcnative-openssl-dynamic-2.0.77-150200.3.39.1.ppc64le",
"product_id": "netty-tcnative-openssl-dynamic-2.0.77-150200.3.39.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "netty-4.1.133-150200.4.46.1.s390x",
"product": {
"name": "netty-4.1.133-150200.4.46.1.s390x",
"product_id": "netty-4.1.133-150200.4.46.1.s390x"
}
},
{
"category": "product_version",
"name": "netty-tcnative-2.0.77-150200.3.39.1.s390x",
"product": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.s390x",
"product_id": "netty-tcnative-2.0.77-150200.3.39.1.s390x"
}
},
{
"category": "product_version",
"name": "netty-tcnative-openssl-dynamic-2.0.77-150200.3.39.1.s390x",
"product": {
"name": "netty-tcnative-openssl-dynamic-2.0.77-150200.3.39.1.s390x",
"product_id": "netty-tcnative-openssl-dynamic-2.0.77-150200.3.39.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "netty-4.1.133-150200.4.46.1.x86_64",
"product": {
"name": "netty-4.1.133-150200.4.46.1.x86_64",
"product_id": "netty-4.1.133-150200.4.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"product": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"product_id": "netty-tcnative-2.0.77-150200.3.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "netty-tcnative-openssl-dynamic-2.0.77-150200.3.39.1.x86_64",
"product": {
"name": "netty-tcnative-openssl-dynamic-2.0.77-150200.3.39.1.x86_64",
"product_id": "netty-tcnative-openssl-dynamic-2.0.77-150200.3.39.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-4.1.133-150200.4.46.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64"
},
"product_reference": "netty-4.1.133-150200.4.46.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-4.1.133-150200.4.46.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le"
},
"product_reference": "netty-4.1.133-150200.4.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-4.1.133-150200.4.46.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x"
},
"product_reference": "netty-4.1.133-150200.4.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-4.1.133-150200.4.46.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64"
},
"product_reference": "netty-4.1.133-150200.4.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-javadoc-4.1.133-150200.4.46.1.noarch as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch"
},
"product_reference": "netty-javadoc-4.1.133-150200.4.46.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-tcnative-2.0.77-150200.3.39.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
},
"product_reference": "netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-41417",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-41417"
}
],
"notes": [
{
"category": "general",
"text": "Netty allows request-line validation to be bypassed when a `DefaultHttpRequest` or `DefaultFullHttpRequest` is created first and its URI is later changed via `setUri()`. The constructors reject CRLF and whitespace characters that would break the start-line, but `setUri()` does not apply the same validation. `HttpRequestEncoder` and `RtspEncoder` then write the URI into the request line verbatim. If attacker-controlled input reaches `setUri()`, this enables CRLF injection and insertion of additional HTTP or RTSP requests, leading to HTTP request smuggling or desynchronization on the HTTP side and request injection on the RTSP side. This issue is fixed in versions 4.2.13.Final and 4.1.133.Final.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-41417",
"url": "https://www.suse.com/security/cve/CVE-2026-41417"
},
{
"category": "external",
"summary": "SUSE Bug 1264350 for CVE-2026-41417",
"url": "https://bugzilla.suse.com/1264350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-09T08:13:58Z",
"details": "moderate"
}
],
"title": "CVE-2026-41417"
},
{
"cve": "CVE-2026-42578",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42578"
}
],
"notes": [
{
"category": "general",
"text": "Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty\u0027s HttpProxyHandler constructs HTTP CONNECT requests with header validation explicitly disabled. The newInitialMessage() method creates headers using DefaultHttpHeadersFactory.headersFactory().withValidation(false), then adds user-provided outboundHeaders without any CRLF validation. This allows an attacker who can influence the outbound headers to inject arbitrary HTTP headers into the CONNECT request sent to the proxy server. This vulnerability is fixed in 4.2.13.Final and 4.1.133.Final.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42578",
"url": "https://www.suse.com/security/cve/CVE-2026-42578"
},
{
"category": "external",
"summary": "SUSE Bug 1265243 for CVE-2026-42578",
"url": "https://bugzilla.suse.com/1265243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-09T08:13:58Z",
"details": "important"
}
],
"title": "CVE-2026-42578"
},
{
"cve": "CVE-2026-42579",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42579"
}
],
"notes": [
{
"category": "general",
"text": "Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty\u0027s DNS codec does not enforce RFC 1035 domain name constraints during either encoding or decoding. This creates a bidirectional attack surface: malicious DNS responses can exploit the decoder, and user-influenced hostnames can exploit the encoder. This vulnerability is fixed in 4.2.13.Final and 4.1.133.Final.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42579",
"url": "https://www.suse.com/security/cve/CVE-2026-42579"
},
{
"category": "external",
"summary": "SUSE Bug 1265272 for CVE-2026-42579",
"url": "https://bugzilla.suse.com/1265272"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-09T08:13:58Z",
"details": "important"
}
],
"title": "CVE-2026-42579"
},
{
"cve": "CVE-2026-42580",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42580"
}
],
"notes": [
{
"category": "general",
"text": "Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty\u0027s chunk size parser silently overflows int, enabling request smuggling attacks. This vulnerability is fixed in 4.2.13.Final and 4.1.133.Final.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42580",
"url": "https://www.suse.com/security/cve/CVE-2026-42580"
},
{
"category": "external",
"summary": "SUSE Bug 1265273 for CVE-2026-42580",
"url": "https://bugzilla.suse.com/1265273"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-09T08:13:58Z",
"details": "important"
}
],
"title": "CVE-2026-42580"
},
{
"cve": "CVE-2026-42581",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42581"
}
],
"notes": [
{
"category": "general",
"text": "Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpObjectDecoder strips a conflicting Content-Length header when a request carries both Transfer-Encoding: chunked and Content-Length, but only for HTTP/1.1 messages. The guard is absent for HTTP/1.0. An attacker that sends an HTTP/1.0 request with both headers causes Netty to decode the body as chunked while leaving Content-Length intact in the forwarded HttpMessage. Any downstream proxy or handler that trusts Content-Length over Transfer-Encoding will disagree on message boundaries, enabling request smuggling. This vulnerability is fixed in 4.2.13.Final and 4.1.133.Final.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42581",
"url": "https://www.suse.com/security/cve/CVE-2026-42581"
},
{
"category": "external",
"summary": "SUSE Bug 1265277 for CVE-2026-42581",
"url": "https://bugzilla.suse.com/1265277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-09T08:13:58Z",
"details": "important"
}
],
"title": "CVE-2026-42581"
},
{
"cve": "CVE-2026-42582",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42582"
}
],
"notes": [
{
"category": "general",
"text": "Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final, when decoding header blocks, the non-Huffman branch of io.netty.handler.codec.http3.QpackDecoder#decodeHuffmanEncodedLiteral may execute new byte[length] for a string literal before verifying that length bytes are actually present in the compressed field section. The wire encoding allows a very large length to be expressed in few bytes. There is no check that length \u003c= in.readableBytes() before new byte[length]. This vulnerability is fixed in 4.2.13.Final.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42582",
"url": "https://www.suse.com/security/cve/CVE-2026-42582"
},
{
"category": "external",
"summary": "SUSE Bug 1265318 for CVE-2026-42582",
"url": "https://bugzilla.suse.com/1265318"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-09T08:13:58Z",
"details": "important"
}
],
"title": "CVE-2026-42582"
},
{
"cve": "CVE-2026-42583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42583"
}
],
"notes": [
{
"category": "general",
"text": "Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Lz4FrameDecoder allocates a ByteBuf of size decompressedLength (up to 32 MB per block) before LZ4 runs. A peer only needs a 21-byte header plus compressedLength payload bytes - 22 bytes if compressedLength == 1 - to force that allocation. This vulnerability is fixed in 4.2.13.Final and 4.1.133.Final.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42583",
"url": "https://www.suse.com/security/cve/CVE-2026-42583"
},
{
"category": "external",
"summary": "SUSE Bug 1265279 for CVE-2026-42583",
"url": "https://bugzilla.suse.com/1265279"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-09T08:13:58Z",
"details": "important"
}
],
"title": "CVE-2026-42583"
},
{
"cve": "CVE-2026-42584",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42584"
}
],
"notes": [
{
"category": "general",
"text": "Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpClientCodec pairs each inbound response with an outbound request by queue.poll() once per response, including for 1xx. If the client pipelines GET then HEAD and the server sends 103, then 200 with GET body, then 200 for HEAD, the queue pairs HEAD with the first 200. The HEAD rule then skips reading that message\u0027s body, so the GET entity bytes stay on the stream and the following 200 is parsed from the wrong offset. This vulnerability is fixed in 4.2.13.Final and 4.1.133.Final.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42584",
"url": "https://www.suse.com/security/cve/CVE-2026-42584"
},
{
"category": "external",
"summary": "SUSE Bug 1265280 for CVE-2026-42584",
"url": "https://bugzilla.suse.com/1265280"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-09T08:13:58Z",
"details": "moderate"
}
],
"title": "CVE-2026-42584"
},
{
"cve": "CVE-2026-42585",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42585"
}
],
"notes": [
{
"category": "general",
"text": "Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty incorrectly parses malformed Transfer-Encoding, enabling request smuggling attacks. This vulnerability is fixed in 4.2.13.Final and 4.1.133.Final.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42585",
"url": "https://www.suse.com/security/cve/CVE-2026-42585"
},
{
"category": "external",
"summary": "SUSE Bug 1265291 for CVE-2026-42585",
"url": "https://bugzilla.suse.com/1265291"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-09T08:13:58Z",
"details": "moderate"
}
],
"title": "CVE-2026-42585"
},
{
"cve": "CVE-2026-42586",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42586"
}
],
"notes": [
{
"category": "general",
"text": "Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, the Netty Redis codec encoder (RedisEncoder) writes user-controlled string content directly to the network output buffer without validating or sanitizing CRLF (\\r\\n) characters. Since the Redis Serialization Protocol (RESP) uses CRLF as the command/response delimiter, an attacker who can control the content of a Redis message can inject arbitrary Redis commands or forge fake responses. This vulnerability is fixed in 4.2.13.Final and 4.1.133.Final.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42586",
"url": "https://www.suse.com/security/cve/CVE-2026-42586"
},
{
"category": "external",
"summary": "SUSE Bug 1265245 for CVE-2026-42586",
"url": "https://bugzilla.suse.com/1265245"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-09T08:13:58Z",
"details": "important"
}
],
"title": "CVE-2026-42586"
},
{
"cve": "CVE-2026-42587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42587"
}
],
"notes": [
{
"category": "general",
"text": "Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpContentDecompressor accepts a maxAllocation parameter to limit decompression buffer size and prevent decompression bomb attacks. This limit is correctly enforced for gzip and deflate encodings via ZlibDecoder, but is silently ignored when the content encoding is br (Brotli), zstd, or snappy. An attacker can bypass the configured decompression limit by sending a compressed payload with Content-Encoding: br instead of Content-Encoding: gzip, causing unbounded memory allocation and out-of-memory denial of service. The same vulnerability exists in DelegatingDecompressorFrameListener for HTTP/2 connections. This vulnerability is fixed in 4.2.13.Final and 4.1.133.Final.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42587",
"url": "https://www.suse.com/security/cve/CVE-2026-42587"
},
{
"category": "external",
"summary": "SUSE Bug 1265246 for CVE-2026-42587",
"url": "https://bugzilla.suse.com/1265246"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-09T08:13:58Z",
"details": "important"
}
],
"title": "CVE-2026-42587"
},
{
"cve": "CVE-2026-44248",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-44248"
}
],
"notes": [
{
"category": "general",
"text": "Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, the MQTT 5 header Properties section is parsed and buffered before any message size limit is applied. Specifically, in MqttDecoder, the decodeVariableHeader() method is called before the bytesRemainingBeforeVariableHeader \u003e maxBytesInMessage check. The decodeVariableHeader() can call other methods which will call decodeProperties(). Effectively, Netty does not apply any limits to the size of the properties being decoded. Additionally, because MqttDecoder extends ReplayingDecoder, Netty will repeatedly re-parse the enormous Properties sections and buffer the bytes in memory, until the entire thing parses to completion. This can cause high resource usage in both CPU and memory. This vulnerability is fixed in 4.2.13.Final and 4.1.133.Final.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-44248",
"url": "https://www.suse.com/security/cve/CVE-2026-44248"
},
{
"category": "external",
"summary": "SUSE Bug 1265293 for CVE-2026-44248",
"url": "https://bugzilla.suse.com/1265293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.133-150200.4.46.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.133-150200.4.46.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:netty-tcnative-2.0.77-150200.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:netty-tcnative-2.0.77-150200.3.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-09T08:13:58Z",
"details": "moderate"
}
],
"title": "CVE-2026-44248"
}
]
}
WID-SEC-W-2026-1372
Vulnerability from csaf_certbund - Published: 2026-05-05 22:00 - Updated: 2026-06-10 22:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Keycloak <26.6.3
Open Source / Keycloak
|
<26.6.3 | ||
|
Open Source Netty <4.2.13.Final
Open Source / Netty
|
<4.2.13.Final | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source Netty <4.1.133.Final
Open Source / Netty
|
<4.1.133.Final |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Keycloak <26.6.3
Open Source / Keycloak
|
<26.6.3 | ||
|
Open Source Netty <4.2.13.Final
Open Source / Netty
|
<4.2.13.Final | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source Netty <4.1.133.Final
Open Source / Netty
|
<4.1.133.Final |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Keycloak <26.6.3
Open Source / Keycloak
|
<26.6.3 | ||
|
Open Source Netty <4.2.13.Final
Open Source / Netty
|
<4.2.13.Final | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source Netty <4.1.133.Final
Open Source / Netty
|
<4.1.133.Final |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Keycloak <26.6.3
Open Source / Keycloak
|
<26.6.3 | ||
|
Open Source Netty <4.2.13.Final
Open Source / Netty
|
<4.2.13.Final | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source Netty <4.1.133.Final
Open Source / Netty
|
<4.1.133.Final |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Keycloak <26.6.3
Open Source / Keycloak
|
<26.6.3 | ||
|
Open Source Netty <4.2.13.Final
Open Source / Netty
|
<4.2.13.Final | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source Netty <4.1.133.Final
Open Source / Netty
|
<4.1.133.Final |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Keycloak <26.6.3
Open Source / Keycloak
|
<26.6.3 | ||
|
Open Source Netty <4.2.13.Final
Open Source / Netty
|
<4.2.13.Final | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source Netty <4.1.133.Final
Open Source / Netty
|
<4.1.133.Final |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Keycloak <26.6.3
Open Source / Keycloak
|
<26.6.3 | ||
|
Open Source Netty <4.2.13.Final
Open Source / Netty
|
<4.2.13.Final | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source Netty <4.1.133.Final
Open Source / Netty
|
<4.1.133.Final |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Keycloak <26.6.3
Open Source / Keycloak
|
<26.6.3 | ||
|
Open Source Netty <4.2.13.Final
Open Source / Netty
|
<4.2.13.Final | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source Netty <4.1.133.Final
Open Source / Netty
|
<4.1.133.Final |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Keycloak <26.6.3
Open Source / Keycloak
|
<26.6.3 | ||
|
Open Source Netty <4.2.13.Final
Open Source / Netty
|
<4.2.13.Final | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source Netty <4.1.133.Final
Open Source / Netty
|
<4.1.133.Final |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Keycloak <26.6.3
Open Source / Keycloak
|
<26.6.3 | ||
|
Open Source Netty <4.2.13.Final
Open Source / Netty
|
<4.2.13.Final | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source Netty <4.1.133.Final
Open Source / Netty
|
<4.1.133.Final |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Keycloak <26.6.3
Open Source / Keycloak
|
<26.6.3 | ||
|
Open Source Netty <4.2.13.Final
Open Source / Netty
|
<4.2.13.Final | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source Netty <4.1.133.Final
Open Source / Netty
|
<4.1.133.Final |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Keycloak <26.6.3
Open Source / Keycloak
|
<26.6.3 | ||
|
Open Source Netty <4.2.13.Final
Open Source / Netty
|
<4.2.13.Final | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source Netty <4.1.133.Final
Open Source / Netty
|
<4.1.133.Final |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Keycloak <26.6.3
Open Source / Keycloak
|
<26.6.3 | ||
|
Open Source Netty <4.2.13.Final
Open Source / Netty
|
<4.2.13.Final | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source Netty <4.1.133.Final
Open Source / Netty
|
<4.1.133.Final |
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Netty ist ein asynchrones, ereignisgesteuertes Netzwerk-Anwendungs-Framework f\u00fcr die schnelle Entwicklung von wartbaren, hochleistungsf\u00e4higen Protokollservern und -clients.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Netty ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, Daten zu manipulieren, vertrauliche Informationen offenzulegen oder einen Denial-of-Service-Zustand zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1372 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1372.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1372 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1372"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-2c5c-chwr-9hqw vom 2026-05-05",
"url": "https://github.com/netty/netty/security/advisories/GHSA-2c5c-chwr-9hqw"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-38f8-5428-x5cv vom 2026-05-05",
"url": "https://github.com/netty/netty/security/advisories/GHSA-38f8-5428-x5cv"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-45q3-82m4-75jr vom 2026-05-05",
"url": "https://github.com/netty/netty/security/advisories/GHSA-45q3-82m4-75jr"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-57rv-r2g8-2cj3 vom 2026-05-05",
"url": "https://github.com/netty/netty/security/advisories/GHSA-57rv-r2g8-2cj3"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-cm33-6792-r9fm vom 2026-05-05",
"url": "https://github.com/netty/netty/security/advisories/GHSA-cm33-6792-r9fm"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-f6hv-jmp6-3vwv vom 2026-05-05",
"url": "https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-jfg9-48mv-9qgx vom 2026-05-05",
"url": "https://github.com/netty/netty/security/advisories/GHSA-jfg9-48mv-9qgx"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-m4cv-j2px-7723 vom 2026-05-05",
"url": "https://github.com/netty/netty/security/advisories/GHSA-m4cv-j2px-7723"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-mj4r-2hfc-f8p6 vom 2026-05-05",
"url": "https://github.com/netty/netty/security/advisories/GHSA-mj4r-2hfc-f8p6"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-rwm7-x88c-3g2p vom 2026-05-05",
"url": "https://github.com/netty/netty/security/advisories/GHSA-rwm7-x88c-3g2p"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-v8h7-rr48-vmmv vom 2026-05-05",
"url": "https://github.com/advisories/GHSA-v8h7-rr48-vmmv"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-v8h7-rr48-vmmv vom 2026-05-05",
"url": "https://github.com/netty/netty/security/advisories/GHSA-v8h7-rr48-vmmv"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-xxqh-mfjm-7mv9 vom 2026-05-05",
"url": "https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9"
},
{
"category": "external",
"summary": "Keycloak 26.6.3 release vom 2026-06-04",
"url": "https://www.keycloak.org/2026/06/keycloak-2663-released"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8401-1 vom 2026-06-08",
"url": "https://ubuntu.com/security/notices/USN-8401-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:2308-1 vom 2026-06-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026653.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:24502 vom 2026-06-10",
"url": "https://access.redhat.com/errata/RHSA-2026:24502"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:23808 vom 2026-06-10",
"url": "https://access.redhat.com/errata/RHSA-2026:23808"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:25123 vom 2026-06-11",
"url": "https://access.redhat.com/errata/RHSA-2026:25123"
}
],
"source_lang": "en-US",
"title": "Netty: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-06-10T22:00:00.000+00:00",
"generator": {
"date": "2026-06-11T10:21:04.274+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-1372",
"initial_release_date": "2026-05-05T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-05-05T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-05-06T22:00:00.000+00:00",
"number": "2",
"summary": "CVE erg\u00e4nzt"
},
{
"date": "2026-05-14T22:00:00.000+00:00",
"number": "3",
"summary": "Referenz(en) aufgenommen: EUVD-2026-30130, EUVD-2026-30124, EUVD-2026-30127, EUVD-2026-30129, EUVD-2026-30128, EUVD-2026-30126, EUVD-2026-30123, EUVD-2026-30122, EUVD-2026-30120, EUVD-2026-30125, EUVD-2026-30132, EUVD-2026-30121"
},
{
"date": "2026-06-04T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2026-06-08T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-06-09T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-06-10T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "7"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c26.6.3",
"product": {
"name": "Open Source Keycloak \u003c26.6.3",
"product_id": "T054992"
}
},
{
"category": "product_version",
"name": "26.6.3",
"product": {
"name": "Open Source Keycloak 26.6.3",
"product_id": "T054992-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:keycloak:keycloak:26.6.3"
}
}
}
],
"category": "product_name",
"name": "Keycloak"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.2.13.Final",
"product": {
"name": "Open Source Netty \u003c4.2.13.Final",
"product_id": "T053584"
}
},
{
"category": "product_version",
"name": "4.2.13.Final",
"product": {
"name": "Open Source Netty 4.2.13.Final",
"product_id": "T053584-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:netty:netty:4.2.13.final"
}
}
},
{
"category": "product_version_range",
"name": "\u003c4.1.133.Final",
"product": {
"name": "Open Source Netty \u003c4.1.133.Final",
"product_id": "T053585"
}
},
{
"category": "product_version",
"name": "4.1.133.Final",
"product": {
"name": "Open Source Netty 4.1.133.Final",
"product_id": "T053585-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:netty:netty:4.1.133.final"
}
}
}
],
"category": "product_name",
"name": "Netty"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-41417",
"product_status": {
"known_affected": [
"T054992",
"T053584",
"T002207",
"67646",
"T000126",
"T053585"
]
},
"release_date": "2026-05-05T22:00:00.000+00:00",
"title": "CVE-2026-41417"
},
{
"cve": "CVE-2026-42577",
"product_status": {
"known_affected": [
"T054992",
"T053584",
"T002207",
"67646",
"T000126",
"T053585"
]
},
"release_date": "2026-05-05T22:00:00.000+00:00",
"title": "CVE-2026-42577"
},
{
"cve": "CVE-2026-42578",
"product_status": {
"known_affected": [
"T054992",
"T053584",
"T002207",
"67646",
"T000126",
"T053585"
]
},
"release_date": "2026-05-05T22:00:00.000+00:00",
"title": "CVE-2026-42578"
},
{
"cve": "CVE-2026-42579",
"product_status": {
"known_affected": [
"T054992",
"T053584",
"T002207",
"67646",
"T000126",
"T053585"
]
},
"release_date": "2026-05-05T22:00:00.000+00:00",
"title": "CVE-2026-42579"
},
{
"cve": "CVE-2026-42580",
"product_status": {
"known_affected": [
"T054992",
"T053584",
"T002207",
"67646",
"T000126",
"T053585"
]
},
"release_date": "2026-05-05T22:00:00.000+00:00",
"title": "CVE-2026-42580"
},
{
"cve": "CVE-2026-42581",
"product_status": {
"known_affected": [
"T054992",
"T053584",
"T002207",
"67646",
"T000126",
"T053585"
]
},
"release_date": "2026-05-05T22:00:00.000+00:00",
"title": "CVE-2026-42581"
},
{
"cve": "CVE-2026-42582",
"product_status": {
"known_affected": [
"T054992",
"T053584",
"T002207",
"67646",
"T000126",
"T053585"
]
},
"release_date": "2026-05-05T22:00:00.000+00:00",
"title": "CVE-2026-42582"
},
{
"cve": "CVE-2026-42583",
"product_status": {
"known_affected": [
"T054992",
"T053584",
"T002207",
"67646",
"T000126",
"T053585"
]
},
"release_date": "2026-05-05T22:00:00.000+00:00",
"title": "CVE-2026-42583"
},
{
"cve": "CVE-2026-42584",
"product_status": {
"known_affected": [
"T054992",
"T053584",
"T002207",
"67646",
"T000126",
"T053585"
]
},
"release_date": "2026-05-05T22:00:00.000+00:00",
"title": "CVE-2026-42584"
},
{
"cve": "CVE-2026-42585",
"product_status": {
"known_affected": [
"T054992",
"T053584",
"T002207",
"67646",
"T000126",
"T053585"
]
},
"release_date": "2026-05-05T22:00:00.000+00:00",
"title": "CVE-2026-42585"
},
{
"cve": "CVE-2026-42586",
"product_status": {
"known_affected": [
"T054992",
"T053584",
"T002207",
"67646",
"T000126",
"T053585"
]
},
"release_date": "2026-05-05T22:00:00.000+00:00",
"title": "CVE-2026-42586"
},
{
"cve": "CVE-2026-42587",
"product_status": {
"known_affected": [
"T054992",
"T053584",
"T002207",
"67646",
"T000126",
"T053585"
]
},
"release_date": "2026-05-05T22:00:00.000+00:00",
"title": "CVE-2026-42587"
},
{
"cve": "CVE-2026-44248",
"product_status": {
"known_affected": [
"T054992",
"T053584",
"T002207",
"67646",
"T000126",
"T053585"
]
},
"release_date": "2026-05-05T22:00:00.000+00:00",
"title": "CVE-2026-44248"
}
]
}
WID-SEC-W-2026-1955
Vulnerability from csaf_certbund - Published: 2026-06-16 22:00 - Updated: 2026-06-17 22:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Bamboo ist ein Werkzeug zur kontinuierlichen Integration und Bereitstellung, das automatisierte Builds, Tests und Freigaben in einem einzigen Arbeitsablauf verbindet.\r\nBitbucket ist ein Git-Server zur Sourcecode-Versionskontrolle.\r\nConfluence ist eine kommerzielle Wiki-Software.\r\nFisheye ist ein Quellcode-Repository-Browser f\u00fcr Unternehmensteams. \r\nCrucible ist eine Code-Review-L\u00f6sung f\u00fcr Unternehmensteams.\r\nJira ist eine Webanwendung zur Softwareentwicklung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Atlassian Bamboo, Bitbucket, Confluence, Fisheye, Crucible, Jira und Jira Service Management ausnutzen, um beliebigen Code auszuf\u00fchren, erweiterte Berechtigungen zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Daten zu manipulieren, vertrauliche Informationen offenzulegen oder einen Denial-of-Service-Zustand auszul\u00f6sen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1955 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1955.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1955 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1955"
},
{
"category": "external",
"summary": "Atlassian Security Bulletin Juni vom 2026-06-16",
"url": "https://confluence.atlassian.com/security/security-bulletin-june-16-2026-1796309326.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:22380 vom 2026-06-18",
"url": "https://access.redhat.com/errata/RHSA-2026:22380"
}
],
"source_lang": "en-US",
"title": "Atlassian Bamboo, Bitbucket, Confluence, Fisheye, Crucible, Jira und Jira Service Management: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-06-17T22:00:00.000+00:00",
"generator": {
"date": "2026-06-18T07:59:55.017+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-1955",
"initial_release_date": "2026-06-16T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-06-16T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-06-17T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c12.1.8",
"product": {
"name": "Atlassian Bamboo Data Center \u003c12.1.8",
"product_id": "T055489"
}
},
{
"category": "product_version",
"name": "Data Center 12.1.8",
"product": {
"name": "Atlassian Bamboo Data Center 12.1.8",
"product_id": "T055489-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:data_center__12.1.8"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c10.2.20",
"product": {
"name": "Atlassian Bamboo Data Center \u003c10.2.20",
"product_id": "T055490"
}
},
{
"category": "product_version",
"name": "Data Center 10.2.20",
"product": {
"name": "Atlassian Bamboo Data Center 10.2.20",
"product_id": "T055490-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:data_center__10.2.20"
}
}
}
],
"category": "product_name",
"name": "Bamboo"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c10.2.4",
"product": {
"name": "Atlassian Bitbucket Data Center \u003c10.2.4",
"product_id": "T055492"
}
},
{
"category": "product_version",
"name": "Data Center 10.2.4",
"product": {
"name": "Atlassian Bitbucket Data Center 10.2.4",
"product_id": "T055492-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:data_center__10.2.4"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c9.4.21",
"product": {
"name": "Atlassian Bitbucket Data Center \u003c9.4.21",
"product_id": "T055493"
}
},
{
"category": "product_version",
"name": "Data Center 9.4.21",
"product": {
"name": "Atlassian Bitbucket Data Center 9.4.21",
"product_id": "T055493-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:data_center__9.4.21"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c10.3.1",
"product": {
"name": "Atlassian Bitbucket Data Center \u003c10.3.1",
"product_id": "T055494"
}
},
{
"category": "product_version",
"name": "Data Center 10.3.1",
"product": {
"name": "Atlassian Bitbucket Data Center 10.3.1",
"product_id": "T055494-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:data_center__10.3.1"
}
}
}
],
"category": "product_name",
"name": "Bitbucket"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c10.2.13",
"product": {
"name": "Atlassian Confluence Data Center \u003c10.2.13",
"product_id": "T055495"
}
},
{
"category": "product_version",
"name": "Data Center 10.2.13",
"product": {
"name": "Atlassian Confluence Data Center 10.2.13",
"product_id": "T055495-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:data_center__10.2.13"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c9.2.21",
"product": {
"name": "Atlassian Confluence Data Center \u003c9.2.21",
"product_id": "T055496"
}
},
{
"category": "product_version",
"name": "Data Center 9.2.21",
"product": {
"name": "Atlassian Confluence Data Center 9.2.21",
"product_id": "T055496-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:data_center__9.2.21"
}
}
}
],
"category": "product_name",
"name": "Confluence"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.9.11",
"product": {
"name": "Atlassian Crucible \u003c4.9.11",
"product_id": "T055498"
}
},
{
"category": "product_version",
"name": "4.9.11",
"product": {
"name": "Atlassian Crucible 4.9.11",
"product_id": "T055498-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:crucible:4.9.11"
}
}
}
],
"category": "product_name",
"name": "Crucible"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.9.11",
"product": {
"name": "Atlassian Fisheye \u003c4.9.11",
"product_id": "T055497"
}
},
{
"category": "product_version",
"name": "4.9.11",
"product": {
"name": "Atlassian Fisheye 4.9.11",
"product_id": "T055497-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:fisheye:4.9.11"
}
}
}
],
"category": "product_name",
"name": "Fisheye"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c11.3.7",
"product": {
"name": "Atlassian Jira Data Center \u003c11.3.7",
"product_id": "T055499"
}
},
{
"category": "product_version",
"name": "Data Center 11.3.7",
"product": {
"name": "Atlassian Jira Data Center 11.3.7",
"product_id": "T055499-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:data_center__11.3.7"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c10.3.22",
"product": {
"name": "Atlassian Jira Data Center \u003c10.3.22",
"product_id": "T055500"
}
},
{
"category": "product_version",
"name": "Data Center 10.3.22",
"product": {
"name": "Atlassian Jira Data Center 10.3.22",
"product_id": "T055500-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:data_center__10.3.22"
}
}
},
{
"category": "product_version_range",
"name": "Service Management Data Center and Server \u003c11.3.7",
"product": {
"name": "Atlassian Jira Service Management Data Center and Server \u003c11.3.7",
"product_id": "T055501"
}
},
{
"category": "product_version",
"name": "Service Management Data Center and Server 11.3.7",
"product": {
"name": "Atlassian Jira Service Management Data Center and Server 11.3.7",
"product_id": "T055501-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:service_management_data_center_and_server__11.3.7"
}
}
},
{
"category": "product_version_range",
"name": "Service Management Data Center and Server \u003c10.3.22",
"product": {
"name": "Atlassian Jira Service Management Data Center and Server \u003c10.3.22",
"product_id": "T055502"
}
},
{
"category": "product_version",
"name": "Service Management Data Center and Server 10.3.22",
"product": {
"name": "Atlassian Jira Service Management Data Center and Server 10.3.22",
"product_id": "T055502-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:service_management_data_center_and_server__10.3.22"
}
}
}
],
"category": "product_name",
"name": "Jira"
}
],
"category": "vendor",
"name": "Atlassian"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-11272",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2019-11272"
},
{
"cve": "CVE-2021-3803",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2021-3803"
},
{
"cve": "CVE-2022-1471",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2022-1471"
},
{
"cve": "CVE-2022-22965",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2022-22965"
},
{
"cve": "CVE-2022-22978",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2022-22978"
},
{
"cve": "CVE-2022-31692",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2022-31692"
},
{
"cve": "CVE-2024-22257",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2024-22257"
},
{
"cve": "CVE-2025-22228",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2025-22228"
},
{
"cve": "CVE-2026-22732",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-22732"
},
{
"cve": "CVE-2026-24734",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-24734"
},
{
"cve": "CVE-2026-26996",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-26996"
},
{
"cve": "CVE-2026-27903",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-27903"
},
{
"cve": "CVE-2026-27904",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-27904"
},
{
"cve": "CVE-2026-29129",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-29129"
},
{
"cve": "CVE-2026-33870",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-33870"
},
{
"cve": "CVE-2026-33871",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-33871"
},
{
"cve": "CVE-2026-34077",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-34077"
},
{
"cve": "CVE-2026-34486",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-34486"
},
{
"cve": "CVE-2026-34487",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-34487"
},
{
"cve": "CVE-2026-40175",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-40175"
},
{
"cve": "CVE-2026-41044",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-41044"
},
{
"cve": "CVE-2026-41284",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-41284"
},
{
"cve": "CVE-2026-41293",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-41293"
},
{
"cve": "CVE-2026-42033",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42033"
},
{
"cve": "CVE-2026-42035",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42035"
},
{
"cve": "CVE-2026-42038",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42038"
},
{
"cve": "CVE-2026-42043",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42043"
},
{
"cve": "CVE-2026-42198",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42198"
},
{
"cve": "CVE-2026-42211",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42211"
},
{
"cve": "CVE-2026-42264",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42264"
},
{
"cve": "CVE-2026-42342",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42342"
},
{
"cve": "CVE-2026-42498",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42498"
},
{
"cve": "CVE-2026-42579",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42579"
},
{
"cve": "CVE-2026-42581",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42581"
},
{
"cve": "CVE-2026-42583",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42583"
},
{
"cve": "CVE-2026-42584",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42584"
},
{
"cve": "CVE-2026-42585",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42585"
},
{
"cve": "CVE-2026-42587",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42587"
},
{
"cve": "CVE-2026-43512",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-43512"
},
{
"cve": "CVE-2026-43513",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-43513"
},
{
"cve": "CVE-2026-43515",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-43515"
},
{
"cve": "CVE-2026-44486",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-44486"
},
{
"cve": "CVE-2026-44487",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-44487"
},
{
"cve": "CVE-2026-44488",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-44488"
},
{
"cve": "CVE-2026-44492",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-44492"
},
{
"cve": "CVE-2026-44495",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-44495"
},
{
"cve": "CVE-2026-44496",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-44496"
},
{
"cve": "CVE-2026-45149",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-45149"
},
{
"cve": "CVE-2026-45736",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-45736"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.