Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-41249 (GCVE-0-2025-41249)
Vulnerability from cvelistv5
Published
2025-09-16 10:15
Modified
2025-09-16 19:29
Severity ?
VLAI Severity ?
EPSS score ?
Summary
The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions.
Your application may be affected by this if you are using Spring Security's @EnableMethodSecurity feature.
You are not affected by this if you are not using @EnableMethodSecurity or if you do not use security annotations on methods in generic superclasses or generic interfaces.
This CVE is published in conjunction with CVE-2025-41248 https://spring.io/security/cve-2025-41248 .
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | Spring Framework |
Version: 6.2.x Version: 6.1.x Version: 5.3.x |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41249",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-16T19:29:22.619095Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285 Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-16T19:29:37.532Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Spring Framework",
"vendor": "VMware",
"versions": [
{
"lessThan": "6.2.11",
"status": "affected",
"version": "6.2.x",
"versionType": "OSS"
},
{
"lessThan": "6.1.23",
"status": "affected",
"version": "6.1.x",
"versionType": "commercial"
},
{
"lessThan": "5.3.45",
"status": "affected",
"version": "5.3.x",
"versionType": "COMMERCIAL"
}
]
}
],
"datePublic": "2025-09-15T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions.\u003c/p\u003e\u003cp\u003eYour application may be affected by this if you are using Spring Security\u0027s \u003ccode\u003e@EnableMethodSecurity\u003c/code\u003e\u0026nbsp;feature.\u003c/p\u003e\u003cp\u003eYou are not affected by this if you are not using \u003ccode\u003e@EnableMethodSecurity\u003c/code\u003e\u0026nbsp;or if you do not use security annotations on methods in generic superclasses or generic interfaces.\u003c/p\u003e\u003cp\u003eThis CVE is published in conjunction with \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://spring.io/security/cve-2025-41248\"\u003eCVE-2025-41248\u003c/a\u003e.\u003c/p\u003e"
}
],
"value": "The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions.\n\nYour application may be affected by this if you are using Spring Security\u0027s @EnableMethodSecurity\u00a0feature.\n\nYou are not affected by this if you are not using @EnableMethodSecurity\u00a0or if you do not use security annotations on methods in generic superclasses or generic interfaces.\n\nThis CVE is published in conjunction with CVE-2025-41248 https://spring.io/security/cve-2025-41248 ."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-16T10:15:34.118Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://spring.io/security/cve-2025-41249"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2025-41249: Spring Framework Annotation Detection Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2025-41249",
"datePublished": "2025-09-16T10:15:34.118Z",
"dateReserved": "2025-04-16T09:30:25.625Z",
"dateUpdated": "2025-09-16T19:29:37.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-41249\",\"sourceIdentifier\":\"security@vmware.com\",\"published\":\"2025-09-16T11:15:30.887\",\"lastModified\":\"2025-09-16T20:15:35.127\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions.\\n\\nYour application may be affected by this if you are using Spring Security\u0027s @EnableMethodSecurity\u00a0feature.\\n\\nYou are not affected by this if you are not using @EnableMethodSecurity\u00a0or if you do not use security annotations on methods in generic superclasses or generic interfaces.\\n\\nThis CVE is published in conjunction with CVE-2025-41248 https://spring.io/security/cve-2025-41248 .\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@vmware.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-285\"}]}],\"references\":[{\"url\":\"https://spring.io/security/cve-2025-41249\",\"source\":\"security@vmware.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-41249\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-09-16T19:29:22.619095Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-285\", \"description\": \"CWE-285 Improper Authorization\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-09-16T19:29:34.207Z\"}}], \"cna\": {\"title\": \"CVE-2025-41249: Spring Framework Annotation Detection Vulnerability\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"VMware\", \"product\": \"Spring Framework\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.2.x\", \"lessThan\": \"6.2.11\", \"versionType\": \"OSS\"}, {\"status\": \"affected\", \"version\": \"6.1.x\", \"lessThan\": \"6.1.23\", \"versionType\": \"commercial\"}, {\"status\": \"affected\", \"version\": \"5.3.x\", \"lessThan\": \"5.3.45\", \"versionType\": \"COMMERCIAL\"}], \"defaultStatus\": \"affected\"}], \"datePublic\": \"2025-09-15T10:00:00.000Z\", \"references\": [{\"url\": \"https://spring.io/security/cve-2025-41249\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions.\\n\\nYour application may be affected by this if you are using Spring Security\u0027s @EnableMethodSecurity\\u00a0feature.\\n\\nYou are not affected by this if you are not using @EnableMethodSecurity\\u00a0or if you do not use security annotations on methods in generic superclasses or generic interfaces.\\n\\nThis CVE is published in conjunction with CVE-2025-41248 https://spring.io/security/cve-2025-41248 .\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eThe Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions.\u003c/p\u003e\u003cp\u003eYour application may be affected by this if you are using Spring Security\u0027s \u003ccode\u003e@EnableMethodSecurity\u003c/code\u003e\u0026nbsp;feature.\u003c/p\u003e\u003cp\u003eYou are not affected by this if you are not using \u003ccode\u003e@EnableMethodSecurity\u003c/code\u003e\u0026nbsp;or if you do not use security annotations on methods in generic superclasses or generic interfaces.\u003c/p\u003e\u003cp\u003eThis CVE is published in conjunction with \u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://spring.io/security/cve-2025-41248\\\"\u003eCVE-2025-41248\u003c/a\u003e.\u003c/p\u003e\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"shortName\": \"vmware\", \"dateUpdated\": \"2025-09-16T10:15:34.118Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-41249\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-09-16T19:29:37.532Z\", \"dateReserved\": \"2025-04-16T09:30:25.625Z\", \"assignerOrgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"datePublished\": \"2025-09-16T10:15:34.118Z\", \"assignerShortName\": \"vmware\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
fkie_cve-2025-41249
Vulnerability from fkie_nvd
Published
2025-09-16 11:15
Modified
2025-09-16 20:15
Severity ?
Summary
The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions.
Your application may be affected by this if you are using Spring Security's @EnableMethodSecurity feature.
You are not affected by this if you are not using @EnableMethodSecurity or if you do not use security annotations on methods in generic superclasses or generic interfaces.
This CVE is published in conjunction with CVE-2025-41248 https://spring.io/security/cve-2025-41248 .
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions.\n\nYour application may be affected by this if you are using Spring Security\u0027s @EnableMethodSecurity\u00a0feature.\n\nYou are not affected by this if you are not using @EnableMethodSecurity\u00a0or if you do not use security annotations on methods in generic superclasses or generic interfaces.\n\nThis CVE is published in conjunction with CVE-2025-41248 https://spring.io/security/cve-2025-41248 ."
}
],
"id": "CVE-2025-41249",
"lastModified": "2025-09-16T20:15:35.127",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "security@vmware.com",
"type": "Secondary"
}
]
},
"published": "2025-09-16T11:15:30.887",
"references": [
{
"source": "security@vmware.com",
"url": "https://spring.io/security/cve-2025-41249"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-285"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
CERTFR-2025-AVI-0861
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.4.x antérieures à 6.4.0.4 | ||
| IBM | Db2 | DB2 Data Management Console on CPD versions 4.8.8 et 5.x antérieures à CPD 5.2.0 | ||
| IBM | Db2 | DB2 Data Management Console versions antérieures à 3.1.13.1 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.3.x antérieures à 6.3.0.15 | ||
| IBM | N/A | Db2 Intelligence Center versions 1.1.x antérieures à 1.1.2.0 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sterling Connect:Direct Web Services versions 6.4.x ant\u00e9rieures \u00e0 6.4.0.4",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "DB2 Data Management Console on CPD versions 4.8.8 et 5.x ant\u00e9rieures \u00e0 CPD 5.2.0",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "DB2 Data Management Console versions ant\u00e9rieures \u00e0 3.1.13.1",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.3.x ant\u00e9rieures \u00e0 6.3.0.15",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 Intelligence Center versions 1.1.x ant\u00e9rieures \u00e0 1.1.2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2022-46175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46175"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2024-22243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22243"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2025-57810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57810"
},
{
"name": "CVE-2020-8565",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8565"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2019-11250",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11250"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"name": "CVE-2024-3651",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
},
{
"name": "CVE-2024-22259",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22259"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
}
],
"initial_release_date": "2025-10-10T00:00:00",
"last_revision_date": "2025-10-10T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0861",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-10-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7247430",
"url": "https://www.ibm.com/support/pages/node/7247430"
},
{
"published_at": "2025-10-03",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7247086",
"url": "https://www.ibm.com/support/pages/node/7247086"
},
{
"published_at": "2025-10-06",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7247188",
"url": "https://www.ibm.com/support/pages/node/7247188"
},
{
"published_at": "2025-10-07",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7247285",
"url": "https://www.ibm.com/support/pages/node/7247285"
},
{
"published_at": "2025-10-07",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7247283",
"url": "https://www.ibm.com/support/pages/node/7247283"
},
{
"published_at": "2025-10-08",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7247431",
"url": "https://www.ibm.com/support/pages/node/7247431"
}
]
}
CERTFR-2025-AVI-0792
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Spring. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Spring | Spring Security | Security versions 6.4.x antérieures à 6.4.10 | ||
| Spring | Spring Security | Security versions 6.5.x antérieures à 6.5.4 | ||
| Spring | Spring Framework | Framework versions 5.3.x antérieures à 5.3.45 | ||
| Spring | Spring Framework | Framework versions 6.x antérieures à 6.1.23 | ||
| Spring | Spring Framework | Framework versions 6.2.x antérieures à 6.2.11 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Security versions 6.4.x ant\u00e9rieures \u00e0 6.4.10",
"product": {
"name": "Spring Security",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Security versions 6.5.x ant\u00e9rieures \u00e0 6.5.4",
"product": {
"name": "Spring Security",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Framework versions 5.3.x ant\u00e9rieures \u00e0 5.3.45",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Framework versions 6.x ant\u00e9rieures \u00e0 6.1.23",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Framework versions 6.2.x ant\u00e9rieures \u00e0 6.2.11",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
}
],
"initial_release_date": "2025-09-16T00:00:00",
"last_revision_date": "2025-09-16T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0792",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-09-16T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Spring. Elles permettent \u00e0 un attaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Spring",
"vendor_advisories": [
{
"published_at": "2025-09-15",
"title": "Bulletin de s\u00e9curit\u00e9 Spring cve-2025-41249",
"url": "https://spring.io/security/cve-2025-41249"
},
{
"published_at": "2025-09-15",
"title": "Bulletin de s\u00e9curit\u00e9 Spring cve-2025-41248",
"url": "https://spring.io/security/cve-2025-41248"
}
]
}
ncsc-2025-0333
Vulnerability from csaf_ncscnl
Published
2025-10-23 13:35
Modified
2025-10-23 13:35
Summary
Kwetsbaarheden verholpen in Oracle Financial Services
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in Oracle Financial Services componenten.
Interpretaties
De kwetsbaarheden stellen ongeauthenticeerde aanvallers in staat om ongeautoriseerde toegang te krijgen tot gevoelige gegevens via HTTP. Dit kan leiden tot ongeoorloofde toegang en wijzigingen van kritieke data, met een CVSS-score van 9.8 die de significante impact op de vertrouwelijkheid benadrukt. Daarnaast zijn er kwetsbaarheden die kunnen leiden tot denial-of-service (DoS) aanvallen, wat de beschikbaarheid van het systeem in gevaar kan brengen.
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-20
Improper Input Validation
CWE-23
Relative Path Traversal
CWE-125
Out-of-bounds Read
CWE-197
Numeric Truncation Error
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-284
Improper Access Control
CWE-285
Improper Authorization
CWE-306
Missing Authentication for Critical Function
CWE-400
Uncontrolled Resource Consumption
CWE-404
Improper Resource Shutdown or Release
CWE-611
Improper Restriction of XML External Entity Reference
CWE-674
Uncontrolled Recursion
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-862
Missing Authorization
CWE-863
Incorrect Authorization
CWE-918
Server-Side Request Forgery (SSRF)
CWE-937
CWE-937
CWE-1035
CWE-1035
CWE-1284
Improper Validation of Specified Quantity in Input
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft kwetsbaarheden verholpen in Oracle Financial Services componenten.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden stellen ongeauthenticeerde aanvallers in staat om ongeautoriseerde toegang te krijgen tot gevoelige gegevens via HTTP. Dit kan leiden tot ongeoorloofde toegang en wijzigingen van kritieke data, met een CVSS-score van 9.8 die de significante impact op de vertrouwelijkheid benadrukt. Daarnaast zijn er kwetsbaarheden die kunnen leiden tot denial-of-service (DoS) aanvallen, wat de beschikbaarheid van het systeem in gevaar kan brengen.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Relative Path Traversal",
"title": "CWE-23"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Numeric Truncation Error",
"title": "CWE-197"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Improper Authorization",
"title": "CWE-285"
},
{
"category": "general",
"text": "Missing Authentication for Critical Function",
"title": "CWE-306"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "general",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Missing Authorization",
"title": "CWE-862"
},
{
"category": "general",
"text": "Incorrect Authorization",
"title": "CWE-863"
},
{
"category": "general",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "general",
"text": "CWE-937",
"title": "CWE-937"
},
{
"category": "general",
"text": "CWE-1035",
"title": "CWE-1035"
},
{
"category": "general",
"text": "Improper Validation of Specified Quantity in Input",
"title": "CWE-1284"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference",
"url": "https://www.oracle.com/security-alerts/cpuoct2025.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Financial Services",
"tracking": {
"current_release_date": "2025-10-23T13:35:32.902231Z",
"generator": {
"date": "2025-08-04T16:30:00Z",
"engine": {
"name": "V.A.",
"version": "1.3"
}
},
"id": "NCSC-2025-0333",
"initial_release_date": "2025-10-23T13:35:32.902231Z",
"revision_history": [
{
"date": "2025-10-23T13:35:32.902231Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-1"
}
}
],
"category": "product_name",
"name": "Financial Services Revenue Management And Billing"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-2"
}
}
],
"category": "product_name",
"name": "Oracle Banking Branch"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-3"
}
}
],
"category": "product_name",
"name": "Oracle Banking Corporate Lending Process Management"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-4"
}
}
],
"category": "product_name",
"name": "Oracle Banking Origination"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-5"
}
}
],
"category": "product_name",
"name": "Oracle Financial Services Analytical Applications Infrastructure"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-6"
}
}
],
"category": "product_name",
"name": "Oracle Financial Services Behavior Detection Platform"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-7"
}
}
],
"category": "product_name",
"name": "Oracle Financial Services Compliance Studio"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-8"
}
}
],
"category": "product_name",
"name": "Oracle Financial Services Model Management and Governance"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-9"
}
}
],
"category": "product_name",
"name": "Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-11988",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "other",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "description",
"text": "Multiple vulnerabilities in Oracle Financial Services applications and Apache XmlGraphics Commons allow unauthorized access to critical data and server-side request forgery, all with a CVSS score of 8.2.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-11988 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2020/cve-2020-11988.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2020-11988"
},
{
"cve": "CVE-2024-28168",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "description",
"text": "Recent updates address multiple security vulnerabilities across various products, including XML External Entity (XXE) issues in Apache XML Graphics FOP and Oracle applications, allowing unauthorized access to sensitive data.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28168 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-28168.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2024-28168"
},
{
"cve": "CVE-2025-5115",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "description",
"text": "The \u0027MadeYouReset\u0027 vulnerability in HTTP/2 affects certain Jetty versions, allowing denial of service through malformed control frames, while additional vulnerabilities exist in Oracle Communications and SAP Commerce Cloud.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-5115 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-5115.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-5115"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"notes": [
{
"category": "other",
"text": "Numeric Truncation Error",
"title": "CWE-197"
},
{
"category": "description",
"text": "Critical vulnerabilities in Oracle Communications Cloud Native Core and SQLite versions prior to 3.50.2 expose systems to severe risks, including memory corruption and integer truncation issues.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-6965 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-6965.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-6965"
},
{
"cve": "CVE-2025-27553",
"cwe": {
"id": "CWE-23",
"name": "Relative Path Traversal"
},
"notes": [
{
"category": "other",
"text": "Relative Path Traversal",
"title": "CWE-23"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle Middleware and Apache Commons VFS expose critical data and allow unauthorized file access, with significant risks associated with their exploitation.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27553 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-27553.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-27553"
},
{
"cve": "CVE-2025-27817",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "other",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "description",
"text": "Multiple vulnerabilities across Apache Kafka and Oracle applications allow unauthorized access to sensitive data, with notable SSRF risks and CVSS scores of 7.5 for Oracle products.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27817 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-27817.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-27817"
},
{
"cve": "CVE-2025-31672",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "description",
"text": "Multiple vulnerabilities have been identified across various products, including Apache POI, Oracle BPM Suite, JD Edwards EnterpriseOne, and SAP BusinessObjects, affecting data integrity and allowing unauthorized access or manipulation.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-31672 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-31672.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-31672"
},
{
"cve": "CVE-2025-32415",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"notes": [
{
"category": "other",
"text": "Improper Validation of Specified Quantity in Input",
"title": "CWE-1284"
},
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "Multiple vulnerabilities have been identified in Oracle Java SE and libxml2, allowing for potential system compromise and denial of service, with CVSS scores of 7.5 for several issues.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-32415 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-32415.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-32415"
},
{
"cve": "CVE-2025-41249",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"notes": [
{
"category": "other",
"text": "Improper Authorization",
"title": "CWE-285"
},
{
"category": "other",
"text": "Incorrect Authorization",
"title": "CWE-863"
},
{
"category": "other",
"text": "CWE-1035",
"title": "CWE-1035"
},
{
"category": "other",
"text": "CWE-937",
"title": "CWE-937"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle Financial Services and the Spring Framework expose critical data and authorization flaws, affecting multiple versions and products with significant security implications.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-41249 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-41249.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-41249"
},
{
"cve": "CVE-2025-48924",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle WebLogic Server and Apache Commons Lang versions expose systems to denial of service risks, including an uncontrolled recursion flaw leading to StackOverflowErrors.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-48924 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48924.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-48924"
},
{
"cve": "CVE-2025-48976",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "description",
"text": "Multiple vulnerabilities affecting Oracle Application Testing Suite and Apache Commons FileUpload, including DoS risks due to insufficient multipart header limits, have been identified, with CVSS scores reaching 7.5.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-48976 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48976.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-48976"
},
{
"cve": "CVE-2025-48989",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "description",
"text": "Recent updates for Apache Tomcat versions 9, 10, and 11 address the \u0027MadeYouReset\u0027 DoS vulnerability in HTTP/2, along with various enhancements to components like Catalina and Coyote.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-48989 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48989.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-48989"
},
{
"cve": "CVE-2025-50074",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "description",
"text": "A vulnerability in Oracle Financial Services Revenue Management and Billing (versions 2.9.0.0.0-7.2.0.0.0) allows high-privileged attackers to gain unauthorized access to critical data via HTTP, with a CVSS 3.1 Base Score of 4.9.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-50074 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-50074.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-50074"
},
{
"cve": "CVE-2025-50075",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "description",
"text": "A vulnerability in Oracle Financial Services Revenue Management and Billing (versions 2.9.0.0.0-7.2.0.0.0) allows low privileged attackers with HTTP access to potentially gain unauthorized access to critical data, with a CVSS score of 6.5.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-50075 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-50075.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-50075"
},
{
"cve": "CVE-2025-53034",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"category": "other",
"text": "Missing Authentication for Critical Function",
"title": "CWE-306"
},
{
"category": "description",
"text": "A vulnerability in Oracle Financial Services Analytical Applications Infrastructure versions 8.0.7.9, 8.0.8.7, and 8.1.2.5 allows unauthenticated attackers to compromise the system with human interaction, leading to unauthorized data access and modifications.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-53034 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-53034.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-53034"
},
{
"cve": "CVE-2025-53035",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "description",
"text": "A vulnerability in Oracle Financial Services Analytical Applications Infrastructure allows low privileged attackers to access critical data, affecting versions 8.0.7.9, 8.0.8.7, and 8.1.2.5, with a CVSS score of 6.5.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-53035 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-53035.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-53035"
},
{
"cve": "CVE-2025-53036",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "description",
"text": "A vulnerability in Oracle Financial Services Analytical Applications Infrastructure versions 8.0.7.9, 8.0.8.7, and 8.1.2.5 allows unauthenticated attackers to access critical data via HTTP, with a CVSS score of 8.6.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-53036 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-53036.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-53036"
},
{
"cve": "CVE-2025-53037",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"category": "other",
"text": "Missing Authentication for Critical Function",
"title": "CWE-306"
},
{
"category": "description",
"text": "A critical vulnerability in Oracle Financial Services Analytical Applications Infrastructure (versions 8.0.7.9, 8.0.8.7, and 8.1.2.5) allows unauthenticated attackers to compromise the system via HTTP, with a CVSS score of 9.8.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-53037 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-53037.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-53037"
},
{
"cve": "CVE-2025-55163",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "other",
"text": "CWE-1035",
"title": "CWE-1035"
},
{
"category": "other",
"text": "CWE-937",
"title": "CWE-937"
},
{
"category": "description",
"text": "Recent updates to Netty address critical vulnerabilities, including the \u0027MadeYouReset\u0027 DDoS attack in HTTP/2, which can lead to denial of service through resource exhaustion in various affected versions.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55163 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55163.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-55163"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat (CVE-2025-59375) allows excessive memory allocations from crafted XML input, affecting versions prior to 2.7.2, while a Security-in-Depth issue exists in Oracle Database Server\u0027s Perl component but is not exploitable.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59375 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59375.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-59375"
},
{
"cve": "CVE-2025-61751",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
},
{
"category": "description",
"text": "A vulnerability in Oracle Financial Services Analytical Applications Infrastructure versions 8.0.7.9, 8.0.8.7, and 8.1.2.5 allows low-privileged attackers to exploit it via HTTP, posing significant risks to data confidentiality and integrity.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-61751 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-61751.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-61751"
},
{
"cve": "CVE-2025-61756",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"category": "other",
"text": "Missing Authentication for Critical Function",
"title": "CWE-306"
},
{
"category": "description",
"text": "A vulnerability in Oracle Financial Services Analytical Applications Infrastructure allows unauthenticated attackers to execute denial of service attacks on specific versions, rated with a CVSS score of 7.5.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-61756 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-61756.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-61756"
}
]
}
ncsc-2025-0293
Vulnerability from csaf_ncscnl
Published
2025-09-16 13:38
Modified
2025-09-16 13:38
Summary
Kwetsbaarheden verholpen in Spring Framework
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
VMWare heeft kwetsbaarheden verholpen in de Spring Security framework.
Interpretaties
De kwetsbaarheden bevinden zich in de manier waarop het Spring Security framework annotaties detecteert, met name in typehiërarchieën die gebruikmaken van geparametriseerde supertypes met onbeperkte generics. Dit kan leiden tot een autorisatie-omzeiling wanneer gebruik wordt gemaakt van methodesecurity-annotaties zoals @PreAuthorize, vooral als @EnableMethodSecurity is ingeschakeld. Deze problemen zijn bijzonder kritisch voor applicaties die afhankelijk zijn van deze beveiligingsannotaties voor toegangscontrole.
Oplossingen
VMware heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-305
Authentication Bypass by Primary Weakness
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "VMWare heeft kwetsbaarheden verholpen in de Spring Security framework.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden bevinden zich in de manier waarop het Spring Security framework annotaties detecteert, met name in typehi\u00ebrarchie\u00ebn die gebruikmaken van geparametriseerde supertypes met onbeperkte generics. Dit kan leiden tot een autorisatie-omzeiling wanneer gebruik wordt gemaakt van methodesecurity-annotaties zoals @PreAuthorize, vooral als @EnableMethodSecurity is ingeschakeld. Deze problemen zijn bijzonder kritisch voor applicaties die afhankelijk zijn van deze beveiligingsannotaties voor toegangscontrole.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "VMware heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Authentication Bypass by Primary Weakness",
"title": "CWE-305"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference",
"url": "https://spring.io/blog/2025/09/15/spring-framework-and-spring-security-fixes-for-CVE-2025-41249-and-CVE-2025-41248"
}
],
"title": "Kwetsbaarheden verholpen in Spring Framework",
"tracking": {
"current_release_date": "2025-09-16T13:38:44.960337Z",
"generator": {
"date": "2025-08-04T16:30:00Z",
"engine": {
"name": "V.A.",
"version": "1.3"
}
},
"id": "NCSC-2025-0293",
"initial_release_date": "2025-09-16T13:38:44.960337Z",
"revision_history": [
{
"date": "2025-09-16T13:38:44.960337Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-1"
}
}
],
"category": "product_name",
"name": "Spring Framework"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-2"
}
}
],
"category": "product_name",
"name": "Spring Security"
}
],
"category": "vendor",
"name": "VMware"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-41248",
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-41248 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-41248.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2"
]
}
],
"title": "CVE-2025-41248"
},
{
"cve": "CVE-2025-41249",
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-41249 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-41249.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2"
]
}
],
"title": "CVE-2025-41249"
}
]
}
ghsa-jmp9-x22r-554x
Vulnerability from github
Published
2025-09-16 15:32
Modified
2025-09-16 21:34
Severity ?
VLAI Severity ?
Summary
Spring Framework annotation detection mechanism may result in improper authorization
Details
The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions.
Your application may be affected by this if you are using Spring Security's @EnableMethodSecurity feature.
You are not affected by this if you are not using @EnableMethodSecurity or if you do not use security annotations on methods in generic superclasses or generic interfaces.
This CVE is published in conjunction with CVE-2025-41248 https://spring.io/security/cve-2025-41248 .
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.springframework:spring-core"
},
"ranges": [
{
"events": [
{
"introduced": "5.3.0"
},
{
"last_affected": "5.3.44"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.springframework:spring-core"
},
"ranges": [
{
"events": [
{
"introduced": "6.0.0"
},
{
"last_affected": "6.1.22"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 6.2.10"
},
"package": {
"ecosystem": "Maven",
"name": "org.springframework:spring-core"
},
"ranges": [
{
"events": [
{
"introduced": "6.2.0"
},
{
"fixed": "6.2.11"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-41249"
],
"database_specific": {
"cwe_ids": [
"CWE-285",
"CWE-863"
],
"github_reviewed": true,
"github_reviewed_at": "2025-09-16T19:38:20Z",
"nvd_published_at": "2025-09-16T11:15:30Z",
"severity": "HIGH"
},
"details": "The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions.\n\nYour application may be affected by this if you are using Spring Security\u0027s @EnableMethodSecurity\u00a0feature.\n\nYou are not affected by this if you are not using @EnableMethodSecurity\u00a0or if you do not use security annotations on methods in generic superclasses or generic interfaces.\n\nThis CVE is published in conjunction with CVE-2025-41248 https://spring.io/security/cve-2025-41248 .",
"id": "GHSA-jmp9-x22r-554x",
"modified": "2025-09-16T21:34:22Z",
"published": "2025-09-16T15:32:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-41249"
},
{
"type": "WEB",
"url": "https://github.com/spring-projects/spring-framework/issues/35342"
},
{
"type": "WEB",
"url": "https://github.com/spring-projects/spring-framework/commit/6d710d482a6785b069e35022e81758953afc21ff"
},
{
"type": "PACKAGE",
"url": "https://github.com/spring-projects/spring-framework"
},
{
"type": "WEB",
"url": "https://github.com/spring-projects/spring-framework/releases/tag/v6.2.11"
},
{
"type": "WEB",
"url": "https://spring.io/security/cve-2025-41249"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Spring Framework annotation detection mechanism may result in improper authorization"
}
wid-sec-w-2025-2060
Vulnerability from csaf_certbund
Published
2025-09-15 22:00
Modified
2025-10-15 22:00
Summary
VMware Tanzu Spring Framework und Spring Security: Mehrere Schwachstellen ermöglichen Umgehen von Sicherheitsvorkehrungen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Spring Security ist ein Framework, das Authentifizierung, Autorisierung und Schutz vor gängigen Angriffen bietet.
Das Spring Framework bietet ein Entwicklungsmodell für Java mit Infrastrukturunterstützung auf Anwendungsebene.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in VMware Tanzu Spring Security und VMware Tanzu Spring Framework ausnutzen, um Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme
- Linux
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Spring Security ist ein Framework, das Authentifizierung, Autorisierung und Schutz vor g\u00e4ngigen Angriffen bietet.\r\nDas Spring Framework bietet ein Entwicklungsmodell f\u00fcr Java mit Infrastrukturunterst\u00fctzung auf Anwendungsebene.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in VMware Tanzu Spring Security und VMware Tanzu Spring Framework ausnutzen, um Sicherheitsvorkehrungen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2060 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2060.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2060 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2060"
},
{
"category": "external",
"summary": "Spring Release Notes vom 2025-09-15",
"url": "https://spring.io/blog/2025/09/15/spring-security-6-4-10-and-6-5-4-released"
},
{
"category": "external",
"summary": "Spring Security Advisories vom 2025-09-15",
"url": "https://spring.io/security/cve-2025-41248"
},
{
"category": "external",
"summary": "Spring Security Advisories vom 2025-09-15",
"url": "https://spring.io/security/cve-2025-41249"
},
{
"category": "external",
"summary": "Spring Release Notes vom 2025-09-15",
"url": "https://spring.io/blog/2025/09/15/spring-framework-and-spring-security-fixes-for-CVE-2025-41249-and-CVE-2025-41248"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7247283 vom 2025-10-07",
"url": "https://www.ibm.com/support/pages/node/7247283"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7247285 vom 2025-10-07",
"url": "https://www.ibm.com/support/pages/node/7247285"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:18028 vom 2025-10-14",
"url": "https://access.redhat.com/errata/RHSA-2025:18028"
},
{
"category": "external",
"summary": "HCL Security Bulletin vom 2025-10-15",
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0124532"
}
],
"source_lang": "en-US",
"title": "VMware Tanzu Spring Framework und Spring Security: Mehrere Schwachstellen erm\u00f6glichen Umgehen von Sicherheitsvorkehrungen",
"tracking": {
"current_release_date": "2025-10-15T22:00:00.000+00:00",
"generator": {
"date": "2025-10-16T09:43:26.238+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-2060",
"initial_release_date": "2025-09-15T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-09-15T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-09-16T22:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: EUVD-2025-29537, EUVD-2025-29538"
},
{
"date": "2025-10-06T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-10-14T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-10-15T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von HCL aufgenommen"
}
],
"status": "final",
"version": "5"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c25.09.17.0",
"product": {
"name": "HCL Commerce \u003c25.09.17.0",
"product_id": "T047719"
}
},
{
"category": "product_version",
"name": "25.09.17.0",
"product": {
"name": "HCL Commerce 25.09.17.0",
"product_id": "T047719-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:hcltechsw:commerce:25.09.17.0"
}
}
}
],
"category": "product_name",
"name": "Commerce"
}
],
"category": "vendor",
"name": "HCL"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM Sterling Connect:Direct",
"product": {
"name": "IBM Sterling Connect:Direct",
"product_id": "T045428",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:sterling_connect%3adirect:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Apache Camel \u003c4.10.7 for Spring Boot",
"product": {
"name": "Red Hat Integration Apache Camel \u003c4.10.7 for Spring Boot",
"product_id": "T047637"
}
},
{
"category": "product_version",
"name": "Apache Camel 4.10.7 for Spring Boot",
"product": {
"name": "Red Hat Integration Apache Camel 4.10.7 for Spring Boot",
"product_id": "T047637-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:integration:apache_camel__4.10.7_for_spring_boot"
}
}
}
],
"category": "product_name",
"name": "Integration"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.2.11",
"product": {
"name": "VMware Tanzu Spring Framework \u003c6.2.11",
"product_id": "T046998"
}
},
{
"category": "product_version",
"name": "6.2.11",
"product": {
"name": "VMware Tanzu Spring Framework 6.2.11",
"product_id": "T046998-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:vmware_tanzu:spring_framework:6.2.11"
}
}
}
],
"category": "product_name",
"name": "Spring Framework"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.4.10",
"product": {
"name": "VMware Tanzu Spring Security \u003c6.4.10",
"product_id": "T046994"
}
},
{
"category": "product_version",
"name": "6.4.10",
"product": {
"name": "VMware Tanzu Spring Security 6.4.10",
"product_id": "T046994-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:vmware_tanzu:spring_security:6.4.10"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.5.4",
"product": {
"name": "VMware Tanzu Spring Security \u003c6.5.4",
"product_id": "T046996"
}
},
{
"category": "product_version",
"name": "6.5.4",
"product": {
"name": "VMware Tanzu Spring Security 6.5.4",
"product_id": "T046996-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:vmware_tanzu:spring_security:6.5.4"
}
}
}
],
"category": "product_name",
"name": "Spring Security"
}
],
"category": "vendor",
"name": "VMware Tanzu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-41248",
"product_status": {
"known_affected": [
"T047637",
"T046996",
"T045428",
"T047719",
"T046994"
]
},
"release_date": "2025-09-15T22:00:00.000+00:00",
"title": "CVE-2025-41248"
},
{
"cve": "CVE-2025-41249",
"product_status": {
"known_affected": [
"T046998",
"T047637",
"T045428",
"T047719"
]
},
"release_date": "2025-09-15T22:00:00.000+00:00",
"title": "CVE-2025-41249"
}
]
}
rhsa-2025:19094
Vulnerability from csaf_redhat
Published
2025-10-23 20:33
Modified
2025-10-23 23:59
Summary
Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.24.0 Release.
Notes
Topic
Red Hat OpenShift Dev Spaces 3.24.0 has been released.
Details
Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development.
The 3.24 release is based on Eclipse Che 7.109 and uses the DevWorkspace engine to provide support for workspaces based on devfile v2.1 and v2.2.
Users still using the v1 standard should migrate as soon as possible.
https://devfile.io/docs/2.2.0/migrating-to-devfile-v2
Dev Spaces supports OpenShift EUS releases v4.14 and higher. Users are expected to update to supported OpenShift releases in order to continue to get Dev Spaces updates.
https://access.redhat.com/support/policy/updates/openshift#crw
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Dev Spaces 3.24.0 has been released.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development.\nThe 3.24 release is based on Eclipse Che 7.109 and uses the DevWorkspace engine to provide support for workspaces based on devfile v2.1 and v2.2.\nUsers still using the v1 standard should migrate as soon as possible.\nhttps://devfile.io/docs/2.2.0/migrating-to-devfile-v2\nDev Spaces supports OpenShift EUS releases v4.14 and higher. Users are expected to update to supported OpenShift releases in order to continue to get Dev Spaces updates.\nhttps://access.redhat.com/support/policy/updates/openshift#crw",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:19094",
"url": "https://access.redhat.com/errata/RHSA-2025:19094"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_openshift_dev_spaces/3.24/html/administration_guide/installing-devspaces",
"url": "https://access.redhat.com/documentation/en-us/red_hat_openshift_dev_spaces/3.24/html/administration_guide/installing-devspaces"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-35065",
"url": "https://access.redhat.com/security/cve/CVE-2021-35065"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2022-25883",
"url": "https://access.redhat.com/security/cve/CVE-2022-25883"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2022-3517",
"url": "https://access.redhat.com/security/cve/CVE-2022-3517"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2022-46175",
"url": "https://access.redhat.com/security/cve/CVE-2022-46175"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-41248",
"url": "https://access.redhat.com/security/cve/CVE-2025-41248"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-41249",
"url": "https://access.redhat.com/security/cve/CVE-2025-41249"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-55163",
"url": "https://access.redhat.com/security/cve/CVE-2025-55163"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59343",
"url": "https://access.redhat.com/security/cve/CVE-2025-59343"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9566",
"url": "https://access.redhat.com/security/cve/CVE-2025-9566"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_19094.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.24.0 Release.",
"tracking": {
"current_release_date": "2025-10-23T23:59:46+00:00",
"generator": {
"date": "2025-10-23T23:59:46+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2025:19094",
"initial_release_date": "2025-10-23T20:33:38+00:00",
"revision_history": [
{
"date": "2025-10-23T20:33:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-10-23T20:33:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-23T23:59:46+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product": {
"name": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_devspaces:3.24::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Dev Spaces (RHOSDS)"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"product": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256%3Ae8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760676569"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"product": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"product_id": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"product_identification_helper": {
"purl": "pkg:oci/code-sshd-rhel9@sha256%3A6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760670617"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"product": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256%3Adf658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1759871872"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"product": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256%3Aa90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760713657"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"product": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256%3A9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1759871621"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"product": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"product_id": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3A90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760653610"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"product": {
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"product_id": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"product_identification_helper": {
"purl": "pkg:oci/machineexec-rhel9@sha256%3A2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1759870356"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"product": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openvsx-rhel9@sha256%3A11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1761088569"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"product": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256%3A27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760713499"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"product": {
"name": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"product_id": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-operator-bundle@sha256%3A34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1761171498"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"product": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256%3A28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760747489"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"product": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256%3A053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1759871505"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"product": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256%3A134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1759871071"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"product": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256%3A91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1761160160"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel10@sha256%3A79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1761158501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel9@sha256%3A15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760921292"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"product": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256%3Ad7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760676569"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"product": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"product_id": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"product_identification_helper": {
"purl": "pkg:oci/code-sshd-rhel9@sha256%3A98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760670617"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"product": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256%3Aec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1759871872"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"product": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256%3A5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760713657"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"product": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256%3Aa4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1759871621"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"product": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"product_id": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3A9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760653610"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"product": {
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"product_id": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/machineexec-rhel9@sha256%3A10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1759870356"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"product": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openvsx-rhel9@sha256%3A1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1761088569"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"product": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256%3A1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760713499"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"product": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256%3A080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760747489"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"product": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256%3Ac3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1759871505"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"product": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256%3A94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1759871071"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x",
"product": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x",
"product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256%3Ade5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1761160160"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel10@sha256%3Ab11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1761158501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel9@sha256%3A2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760921292"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256%3A36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760676569"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"product_id": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/code-sshd-rhel9@sha256%3Adec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760670617"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256%3A2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1759871872"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256%3A872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760713657"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256%3A507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1759871621"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"product_id": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3A677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760653610"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"product_id": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/machineexec-rhel9@sha256%3A79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1759870356"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openvsx-rhel9@sha256%3A2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1761088569"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256%3A01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760713499"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256%3Ac490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760747489"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256%3A6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1759871505"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256%3Af44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1759871071"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256%3A2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1761160160"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel10@sha256%3Af74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1761158501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel9@sha256%3Adc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760921292"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"product": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256%3Aced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760676569"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"product": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"product_id": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/code-sshd-rhel9@sha256%3A37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760670617"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"product": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256%3Aaa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1759871872"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"product": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256%3A26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760713657"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"product": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256%3A98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1759871621"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"product": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"product_id": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3A55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760653610"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"product": {
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"product_id": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"product_identification_helper": {
"purl": "pkg:oci/machineexec-rhel9@sha256%3A66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1759870356"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"product": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openvsx-rhel9@sha256%3Ab60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1761088569"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"product": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256%3A3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760713499"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"product": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256%3Accdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760747489"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"product": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256%3Ada65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1759871505"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"product": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256%3A9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1759871071"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"product": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256%3A2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1761160160"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel10@sha256%3A2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1761158501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel9@sha256%3A578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.24-1760921292"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64"
},
"product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x"
},
"product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64"
},
"product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64"
},
"product_reference": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64"
},
"product_reference": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x"
},
"product_reference": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64"
},
"product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64"
},
"product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x"
},
"product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64"
},
"product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x"
},
"product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64"
},
"product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64"
},
"product_reference": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x"
},
"product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64"
},
"product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64"
},
"product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64"
},
"product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64"
},
"product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x"
},
"product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64"
},
"product_reference": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64"
},
"product_reference": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x"
},
"product_reference": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x"
},
"product_reference": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64"
},
"product_reference": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64"
},
"product_reference": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64"
},
"product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x"
},
"product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64"
},
"product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x"
},
"product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64"
},
"product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64"
},
"product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64"
},
"product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x"
},
"product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64"
},
"product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64"
},
"product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x"
},
"product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64"
},
"product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64"
},
"product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64"
},
"product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.24",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
},
"product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.24"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-35065",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156324"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glob-parent: Regular Expression Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35065"
},
{
"category": "external",
"summary": "RHBZ#2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35065"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294",
"url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294"
}
],
"release_date": "2022-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-23T20:33:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19094"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "glob-parent: Regular Expression Denial of Service"
},
{
"cve": "CVE-2022-3517",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2022-06-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134609"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the nodejs-minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-minimatch: ReDoS via the braceExpand function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3517"
},
{
"category": "external",
"summary": "RHBZ#2134609",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3517",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3517"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517"
}
],
"release_date": "2022-02-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-23T20:33:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19094"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-minimatch: ReDoS via the braceExpand function"
},
{
"cve": "CVE-2022-25883",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2023-06-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2216475"
}
],
"notes": [
{
"category": "description",
"text": "A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in node-semver package via the \u0027new Range\u0027 function. This issue could allow an attacker to pass untrusted malicious regex user data as a range, causing the service to excessively consume CPU depending upon the input size, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-semver: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Advanced Cluster Management for Kubernetes-2 and Red Hat Advanced Cluster Security-3 has been marked as Low severity because node-semver is a Dev dependency for those, used only during the build process, and not used in customer environments.\n\nIn Red Hat Advanced Cluster Management for Kubernetes (RHACM) the server-regexp dependency is protected by OAuth what is reducing impact by this flaw to Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25883"
},
{
"category": "external",
"summary": "RHBZ#2216475",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2216475"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25883"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw",
"url": "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795",
"url": "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795"
}
],
"release_date": "2023-06-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-23T20:33:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19094"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-semver: Regular expression denial of service"
},
{
"cve": "CVE-2022-46175",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156263"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "json5: Prototype Pollution in JSON5 via Parse Method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The json5 package is a build-time dependency in Red Hat products and is not used in production runtime. Hence, the impact is set to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46175"
},
{
"category": "external",
"summary": "RHBZ#2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46175"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175"
},
{
"category": "external",
"summary": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h",
"url": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h"
}
],
"release_date": "2022-12-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-23T20:33:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19094"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "json5: Prototype Pollution in JSON5 via Parse Method"
},
{
"acknowledgments": [
{
"names": [
"Paul Holzinger"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2025-9566",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-09-04T15:45:46.448000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2393152"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file.\n\nBinary-Affected: podman\nUpstream-version-introduced: v4.0.0\nUpstream-version-fixed: v5.6.1",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "podman: Podman kube play command may overwrite host files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having the Important severity. This happens because of the consequences of an successful attack and the low complexity (AC:L) on exploiting this vulnerability. Although the attacker cannot control the content written to the target file, depending on which file was targeted, the exploitation of this flaw may lead sensitive data corruption (I:H) and leading the system to crash resulting in a Denial of Service attack (A:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9566"
},
{
"category": "external",
"summary": "RHBZ#2393152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9566",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9566"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9566",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9566"
}
],
"release_date": "2025-09-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-23T20:33:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19094"
},
{
"category": "workaround",
"details": "Red Hat advises to not run the podman kube play command with untrusted Kubernetes YAML file as input, additionally review the Kubernetes YAML file before running it through podman may help to catch maliciously crafted secretes or volumes that may be used to exploit this vulnerability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "podman: Podman kube play command may overwrite host files"
},
{
"cve": "CVE-2025-41248",
"cwe": {
"id": "CWE-289",
"name": "Authentication Bypass by Alternate Name"
},
"discovery_date": "2025-09-16T11:00:42.699993+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395723"
}
],
"notes": [
{
"category": "description",
"text": "The Spring Security annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue when using @PreAuthorize\u00a0and other method security annotations, resulting in an authorization bypass.\n\nYour application may be affected by this if you are using Spring Security\u0027s @EnableMethodSecurity\u00a0feature.\n\nYou are not affected by this if you are not using @EnableMethodSecurity\u00a0or if you do not use security annotations on methods in generic superclasses or generic interfaces.\n\nThis CVE is published in conjunction with CVE-2025-41249 https://spring.io/security/cve-2025-41249 .",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.springframework.security/spring-security-core: Spring Security authorization bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-41248"
},
{
"category": "external",
"summary": "RHBZ#2395723",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395723"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-41248",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-41248"
},
{
"category": "external",
"summary": "https://github.com/spring-projects/spring-security/issues/17898",
"url": "https://github.com/spring-projects/spring-security/issues/17898"
},
{
"category": "external",
"summary": "https://spring.io/security/cve-2025-41248",
"url": "https://spring.io/security/cve-2025-41248"
}
],
"release_date": "2025-09-16T10:10:59.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-23T20:33:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19094"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "org.springframework.security/spring-security-core: Spring Security authorization bypass"
},
{
"cve": "CVE-2025-41249",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"discovery_date": "2025-09-16T11:00:49.967990+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395725"
}
],
"notes": [
{
"category": "description",
"text": "The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions.\n\nYour application may be affected by this if you are using Spring Security\u0027s @EnableMethodSecurity\u00a0feature.\n\nYou are not affected by this if you are not using @EnableMethodSecurity\u00a0or if you do not use security annotations on methods in generic superclasses or generic interfaces.\n\nThis CVE is published in conjunction with CVE-2025-41248 https://spring.io/security/cve-2025-41248 .",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.springframework/spring-core: Spring Framework Annotation Detection Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-41249"
},
{
"category": "external",
"summary": "RHBZ#2395725",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395725"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-41249",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-41249"
},
{
"category": "external",
"summary": "https://github.com/spring-projects/spring-framework/issues/35342",
"url": "https://github.com/spring-projects/spring-framework/issues/35342"
},
{
"category": "external",
"summary": "https://spring.io/security/cve-2025-41249",
"url": "https://spring.io/security/cve-2025-41249"
}
],
"release_date": "2025-09-16T10:15:34.118000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-23T20:33:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19094"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "org.springframework/spring-core: Spring Framework Annotation Detection Vulnerability"
},
{
"cve": "CVE-2025-55163",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-08-13T15:01:55.372237+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2388252"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the \"MadeYouReset\" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts. While not a protocol bug, this highlights a common implementation weakness that can be exploited to cause a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated with an Important severity. It is simple to exploit because it does not require authentication and could result in a denial of service (DoS). While some DoS flaws are classified as Moderate, \u201cMadeYouReset\u201d is Important because of the limited barriers (no specialized tooling or advanced scripting) to exploitation, which directly impacts service availability. The vulnerability arises from an implementation weakness in HTTP/2 stream reset handling \u2014 malformed client requests can trigger server-side resets without incrementing abuse counters, allowing an attacker to bypass built-in request throttling and overhead limits. Since these resets consume CPU and memory resources and can be generated at scale over a single TCP/TLS connection, a remote attacker could exhaust server capacity quickly, impacting all legitimate clients.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-55163"
},
{
"category": "external",
"summary": "RHBZ#2388252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388252"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-55163",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55163"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-prj3-ccx8-p6x4",
"url": "https://github.com/netty/netty/security/advisories/GHSA-prj3-ccx8-p6x4"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/767506",
"url": "https://kb.cert.org/vuls/id/767506"
}
],
"release_date": "2025-08-13T14:17:36.111000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-23T20:33:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19094"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability"
},
{
"cve": "CVE-2025-59343",
"cwe": {
"id": "CWE-61",
"name": "UNIX Symbolic Link (Symlink) Following"
},
"discovery_date": "2025-09-24T18:01:19.612438+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2397901"
}
],
"notes": [
{
"category": "description",
"text": "tar-fs provides filesystem bindings for tar-stream. Versions prior to 3.1.1, 2.1.3, and 1.16.5 are vulnerable to symlink validation bypass if the destination directory is predictable with a specific tarball. This issue has been patched in version 3.1.1, 2.1.4, and 1.16.6. A workaround involves using the ignore option on non files/directories.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tar-fs: tar-fs symlink validation bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59343"
},
{
"category": "external",
"summary": "RHBZ#2397901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397901"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59343",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59343"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59343",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59343"
},
{
"category": "external",
"summary": "https://github.com/mafintosh/tar-fs/commit/0bd54cdf06da2b7b5b95cd4b062c9f4e0a8c4e09",
"url": "https://github.com/mafintosh/tar-fs/commit/0bd54cdf06da2b7b5b95cd4b062c9f4e0a8c4e09"
},
{
"category": "external",
"summary": "https://github.com/mafintosh/tar-fs/security/advisories/GHSA-vj76-c3g6-qr5v",
"url": "https://github.com/mafintosh/tar-fs/security/advisories/GHSA-vj76-c3g6-qr5v"
}
],
"release_date": "2025-09-24T17:43:34.728000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-23T20:33:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19094"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:36fc35cd401140f3df7c45b8cd5682b7468a5dc8a6288d999508a2c50484eada_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:ced1d8366bbb102fb17a39e445fe3fe180db0d1db4115ba10fc71fdfa27782fe_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:d7d97ca085838a96772d21b3db0e869ffbaa469a2e66e8566ad3e6464fe2ddcd_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-rhel9@sha256:e8cb98ec2e7a8ad2ccd69796bc78b812df25bcb8be60808f1b66b56cc0e2fd99_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:37ce33f42bd627f17f153fb01364daa64b9b6b6196254ff64e7f85af1ba53f8f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c98ccb6afaed1d71afdd10bc3e35c4edaf757d563815996b2440581d5391f02_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:98412432e1e6f4351001fd847584af86edfabc1c2434e3d2cced1b6fd8b37901_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:dec9de28192bf1d47f578c7a4ed859c5168333bb4354f78eda5aa0c8c296ced9_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:2b77edd3e3bb1f26f2c39d461ebca6171f712bd9f57a8e1df6067e381d36f87d_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:aa83c8aa82f59c509cc3758d0e71bb868f073814fc54a142be267780eff493eb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:df658ffb4c2f81aefab81795a1603cec97b67e876cd0bf4927323b5bcd8732f3_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/configbump-rhel9@sha256:ec0932411e4b6de9019cd1fd775549e9e2faa2af2a387cc63221d7548fc3412c_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:26a2fb048b53a3179390e8ce7b00525cb9a70ea6efc42126192c75e145526c97_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:5bf20016be741f97e1b4b59b12b055cd39540fc7bdf8799b14c8ade083f64c38_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:872a98325c3fd3840670828d201e2d027f659335521ba27fb07f7c20f116474c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a90ee7e5df3018c9d084d8349be7891ca6289558e14f0f94b95133f0c02d64eb_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:34c42246ae490bce91292bcabf350cd34d091f7ff32bcb4bb012d6380f17d7e5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:01afee0b101671c52190be73af50b655634333b323561fa83cf31088257ba236_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1173a78f4140540163422db5f8bad8f11104e7254109912f38452f38ea6e2161_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:27cfd1b12714961bc952fa86f53758ae3da05f397c4d75d5f4cf09dd5949a828_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:3a79083efd75a09e14e05234ad1c9f5f45e4204c93ac6066429643c234ef04d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:507a595e8d25bf460f0147ca5e141011c7bec425f96b05815f9d57ad500599af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:9179381519e3c41923792528421b3831abe2a2cb1f6e5bd106c5ce96213af9c7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:98c582c0e47250a7c17c592e84f484fcd499aa4409f7f7155b8361e26ca2df0f_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a4da702c9c8f46b44c3eb94ce92b16fdd9fb8607cfb26adeaf71a473eafe766f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55a135cafa015407f9e22333dd396c32e0ca87d9a94779c42ce32ee4f2e4adcb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:677a234cd1441ec9c2043d96f418fab48892023805775390f2c4a6bf78d298d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:90bb747ddb0bdc57fd9f3f30ce89d88af861c9a5308dcc9954344d8c1d424128_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:9a7b13f5a8027bf2a395bb2110294029d41ca96ed68bfdb78162b0265a96b16f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:10cbe01cec1118bd368156a472d7d52ca5903d8efae56b7059cd288957b051bf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:2d916e23a8361f24f267da019781965f7745a1a02efb0462e2b29f71e083c685_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:66317bd7e5634d529ec545f9aa8a2ff38cabb4c8773b99b7f94842a5bd243383_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/machineexec-rhel9@sha256:79a5db5ac28dc8607ead1c243144ce4b7b0c4619bd843913dbea3b53f7447a10_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:11d71f82faabf36868cf538a6242b600854e4bc9bcf4fb8f875ffc0487b28053_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1254010dc89cccd136a3d4174f89d324304347f8088077aedebd3b7e44ed1616_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:2464577ba1fedeec77a2b80b8bb1ff786beb63fbf78bbd9106d14901c7ebb28f_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b60273956fc6674e9296a458188069f29117ef785a0439e3f8436bb1ac650a3b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:080273ea4bc751a33eb7451aab099b40eab46ca2b90685e661f478e45c962b71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:28e5dd2b9c4ceaeb10fb92f4133a26f0170407871ce7f56bc546a575241e5cc7_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:c490ebeb2e2f313f8a8318c3070561edc6545453214142df95c6d1601d2714d5_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:ccdc171ff4d7333c4279c15eeef7f9c221d65c6d072eebd7f04d71b8f7133d6a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:053a878beb49fce4487d96d122f3e294ab7142a6dec81367c08ccf86598318b1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:6dbc2205ec22dd10d079d91c7ecc1920c2f3f2d7a6a4eeb45e6ce473733744af_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:c3f573e7946bd26542747ccbc99f640efd3e189766b53b1072c8a225942b2351_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/server-rhel9@sha256:da65fa9d69840eb58c3da430e3f305aa27ec2164f97bab82e075ee0f266207fb_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:134bfa5b675bdae58a57de00ea5edbef21e3da370460971aa355359545320926_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:94291bf8bf2c61bbec1c1641466356aaa43ac4abb516f935410cb6632a4251ac_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:9c2ef8299d58f81ef9e82aeac792aa888f31786d7b23fe29a3891b529791ec42_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/traefik-rhel9@sha256:f44d3314a640d6d863455d76005a52d02a41c95d19973072e626e63f687def46_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:2b35152ce2aad4ea14cf28d731467da4758aa275a650e883082391cb1c0e73c6_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:79d9224c441f26875adfc4188f78454333b4d3b0d7418f0218ba892b893ec35a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b11d599f95e2d7e08efc9d481d5cc654504bda1a1d4bb963217c3a8312ae5e71_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel10@sha256:f74bcd3011b0eff48ba18b446de5a1d8bddd13a4bde30c787dc1ced5d0a06550_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:15dcb0c25b2295f58ab725e633ecacc7f0aa1ab857d627e8c0e19b7b15102a6a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:2767e17a1bab86674cb31e4ebbb8b095b1c45ee3ca4a3888e8d140727d94fa9f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:578054a3f30b30ac5560403166b59c1d895394ee9e8a2396591a8c02955a5cc4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-base-rhel9@sha256:dc2cbe1eec3743aed7c51cca595d7176395778458360a4111520fda14f84e821_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2579266bc90b8979bb4299eefcd4e4eaa2947a5bec5c50563d743ce7f6605622_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:2a4b0f6da2735ea2028116288bddd5d3475983230d91e52bca9c5e3225eda2d4_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:91b615e55b5f38d40e99884b51885f1aa19effadeeff36e226240d8a1957c5b6_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.24:registry.redhat.io/devspaces/udi-rhel9@sha256:de5ed611e8295c8e87d0ad6cbf440752801a964e7630f61d9a59c768efc5b996_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tar-fs: tar-fs symlink validation bypass"
}
]
}
rhsa-2025:18028
Vulnerability from csaf_redhat
Published
2025-10-14 17:59
Modified
2025-10-23 23:59
Summary
Red Hat Security Advisory: Red Hat Build of Apache Camel 4.10.7 for Spring Boot release.
Notes
Topic
Red Hat build of Apache Camel 4.10.7 for Spring Boot patch release and security update is now available.
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Red Hat build of Apache Camel 4.10.7 for Spring Boot patch release and security update is now available.
The purpose of this text-only errata is to inform you about the security issues
fixed.
Security Fix(es):
* spring-security-core: Spring Security authorization bypass (CVE-2025-41248)
* spring-core: Spring Framework Annotation Detection Vulnerability (CVE-2025-41249)
* spring-core-test: Spring Framework Annotation Detection Vulnerability (CVE-2025-41249)
* org.springframework/spring-core: Spring Framework Annotation Detection Vulnerability (CVE-2025-41249)
* org.eclipse.jgit: XXE vulnerability in Eclipse JGit (CVE-2025-4949)
* netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions (CVE-2025-58056)
* netty-codec-http2: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions (CVE-2025-58056)
* minio: minio-java Client XML Tag is Vulnerable to Value Substitution (CVE-2025-59952)
* io.minio/minio: minio-java Client XML Tag is Vulnerable to Value Substitution (CVE-2025-59952)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat build of Apache Camel 4.10.7 for Spring Boot patch release and security update is now available.\n\nRed Hat Product Security has rated this update as having a security impact of\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat build of Apache Camel 4.10.7 for Spring Boot patch release and security update is now available.\n\nThe purpose of this text-only errata is to inform you about the security issues\nfixed.\n\nSecurity Fix(es):\n \n* spring-security-core: Spring Security authorization bypass (CVE-2025-41248)\n\n* spring-core: Spring Framework Annotation Detection Vulnerability (CVE-2025-41249)\n\n* spring-core-test: Spring Framework Annotation Detection Vulnerability (CVE-2025-41249)\n\n* org.springframework/spring-core: Spring Framework Annotation Detection Vulnerability (CVE-2025-41249)\n\n* org.eclipse.jgit: XXE vulnerability in Eclipse JGit (CVE-2025-4949)\n\n* netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions (CVE-2025-58056)\n\n* netty-codec-http2: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions (CVE-2025-58056)\n\n* minio: minio-java Client XML Tag is Vulnerable to Value Substitution (CVE-2025-59952)\n\n* io.minio/minio: minio-java Client XML Tag is Vulnerable to Value Substitution (CVE-2025-59952)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:18028",
"url": "https://access.redhat.com/errata/RHSA-2025:18028"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2367730",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367730"
},
{
"category": "external",
"summary": "2392996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392996"
},
{
"category": "external",
"summary": "2395723",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395723"
},
{
"category": "external",
"summary": "2395725",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395725"
},
{
"category": "external",
"summary": "2400380",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400380"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_18028.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Build of Apache Camel 4.10.7 for Spring Boot release.",
"tracking": {
"current_release_date": "2025-10-23T23:59:48+00:00",
"generator": {
"date": "2025-10-23T23:59:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2025:18028",
"initial_release_date": "2025-10-14T17:59:03+00:00",
"revision_history": [
{
"date": "2025-10-14T17:59:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-10-14T17:59:03+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-23T23:59:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Apache Camel 4.10.7 for Spring Boot 3.4.10",
"product": {
"name": "Red Hat build of Apache Camel 4.10.7 for Spring Boot 3.4.10",
"product_id": "Red Hat build of Apache Camel 4.10.7 for Spring Boot 3.4.10",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:apache_camel_spring_boot:4.10"
}
}
}
],
"category": "product_family",
"name": "Red Hat Build of Apache Camel"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-4949",
"cwe": {
"id": "CWE-827",
"name": "Improper Control of Document Type Definition"
},
"discovery_date": "2025-05-21T07:00:48.762597+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2367730"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Eclipse JGit. This vulnerability can allow information disclosure, denial of service, and other security issues when parsing XML files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.eclipse.jgit: XXE vulnerability in Eclipse JGit",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.10.7 for Spring Boot 3.4.10"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-4949"
},
{
"category": "external",
"summary": "RHBZ#2367730",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367730"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4949",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4949"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4949",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4949"
},
{
"category": "external",
"summary": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/64",
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/64"
},
{
"category": "external",
"summary": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/281",
"url": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/281"
},
{
"category": "external",
"summary": "https://projects.eclipse.org/projects/technology.jgit/releases/7.2.1",
"url": "https://projects.eclipse.org/projects/technology.jgit/releases/7.2.1"
}
],
"release_date": "2025-05-21T06:47:19.777000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-14T17:59:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.10.7 for Spring Boot 3.4.10"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:18028"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.10.7 for Spring Boot 3.4.10"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.eclipse.jgit: XXE vulnerability in Eclipse JGit"
},
{
"cve": "CVE-2025-41248",
"cwe": {
"id": "CWE-289",
"name": "Authentication Bypass by Alternate Name"
},
"discovery_date": "2025-09-16T11:00:42.699993+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395723"
}
],
"notes": [
{
"category": "description",
"text": "The Spring Security annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue when using @PreAuthorize\u00a0and other method security annotations, resulting in an authorization bypass.\n\nYour application may be affected by this if you are using Spring Security\u0027s @EnableMethodSecurity\u00a0feature.\n\nYou are not affected by this if you are not using @EnableMethodSecurity\u00a0or if you do not use security annotations on methods in generic superclasses or generic interfaces.\n\nThis CVE is published in conjunction with CVE-2025-41249 https://spring.io/security/cve-2025-41249 .",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.springframework.security/spring-security-core: Spring Security authorization bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.10.7 for Spring Boot 3.4.10"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-41248"
},
{
"category": "external",
"summary": "RHBZ#2395723",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395723"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-41248",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-41248"
},
{
"category": "external",
"summary": "https://github.com/spring-projects/spring-security/issues/17898",
"url": "https://github.com/spring-projects/spring-security/issues/17898"
},
{
"category": "external",
"summary": "https://spring.io/security/cve-2025-41248",
"url": "https://spring.io/security/cve-2025-41248"
}
],
"release_date": "2025-09-16T10:10:59.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-14T17:59:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.10.7 for Spring Boot 3.4.10"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:18028"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.10.7 for Spring Boot 3.4.10"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.10.7 for Spring Boot 3.4.10"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "org.springframework.security/spring-security-core: Spring Security authorization bypass"
},
{
"cve": "CVE-2025-41249",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"discovery_date": "2025-09-16T11:00:49.967990+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395725"
}
],
"notes": [
{
"category": "description",
"text": "The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions.\n\nYour application may be affected by this if you are using Spring Security\u0027s @EnableMethodSecurity\u00a0feature.\n\nYou are not affected by this if you are not using @EnableMethodSecurity\u00a0or if you do not use security annotations on methods in generic superclasses or generic interfaces.\n\nThis CVE is published in conjunction with CVE-2025-41248 https://spring.io/security/cve-2025-41248 .",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.springframework/spring-core: Spring Framework Annotation Detection Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.10.7 for Spring Boot 3.4.10"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-41249"
},
{
"category": "external",
"summary": "RHBZ#2395725",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395725"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-41249",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-41249"
},
{
"category": "external",
"summary": "https://github.com/spring-projects/spring-framework/issues/35342",
"url": "https://github.com/spring-projects/spring-framework/issues/35342"
},
{
"category": "external",
"summary": "https://spring.io/security/cve-2025-41249",
"url": "https://spring.io/security/cve-2025-41249"
}
],
"release_date": "2025-09-16T10:15:34.118000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-14T17:59:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.10.7 for Spring Boot 3.4.10"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:18028"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.10.7 for Spring Boot 3.4.10"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.10.7 for Spring Boot 3.4.10"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "org.springframework/spring-core: Spring Framework Annotation Detection Vulnerability"
},
{
"cve": "CVE-2025-58056",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2025-09-03T21:01:22.935850+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392996"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in Netty\u2019s HTTP/1.1 chunked encoding parser allows newline (LF) characters in chunk extensions to be incorrectly treated as the end of the chunk-size line instead of requiring the proper CRLF sequence. This discrepancy can be exploited in rare cases where a reverse proxy interprets the same input differently, potentially enabling HTTP request smuggling attacks such as bypassing access controls or corrupting responses.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is considered Moderate rather than Important because successful exploitation depends on a very specific deployment condition: the presence of an intermediary reverse proxy that both mishandles lone LF characters in chunk extensions and forwards them unmodified to Netty. By itself, Netty\u2019s parsing quirk does not introduce risk, and in most real-world environments, reverse proxies normalize or reject malformed chunked requests, preventing smuggling. As a result, the vulnerability has limited reach, requires a niche configuration to be exploitable, and does not universally expose Netty-based servers to request smuggling\u2014hence it is rated moderate in severity rather than important or critical.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.10.7 for Spring Boot 3.4.10"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58056"
},
{
"category": "external",
"summary": "RHBZ#2392996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392996"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58056",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58056"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc9112#name-chunked-transfer-coding",
"url": "https://datatracker.ietf.org/doc/html/rfc9112#name-chunked-transfer-coding"
},
{
"category": "external",
"summary": "https://github.com/JLLeitschuh/unCVEed/issues/1",
"url": "https://github.com/JLLeitschuh/unCVEed/issues/1"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284",
"url": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/issues/15522",
"url": "https://github.com/netty/netty/issues/15522"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/pull/15611",
"url": "https://github.com/netty/netty/pull/15611"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-fghv-69vj-qj49",
"url": "https://github.com/netty/netty/security/advisories/GHSA-fghv-69vj-qj49"
},
{
"category": "external",
"summary": "https://w4ke.info/2025/06/18/funky-chunks.html",
"url": "https://w4ke.info/2025/06/18/funky-chunks.html"
}
],
"release_date": "2025-09-03T20:56:50.732000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-14T17:59:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.10.7 for Spring Boot 3.4.10"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:18028"
},
{
"category": "workaround",
"details": "To mitigate this issue, enforce strict RFC compliance on all front-end proxies and load balancers so that lone LF characters in chunk extensions are rejected or normalized before being forwarded. Additionally, configure input validation at the application or proxy layer to block malformed chunked requests, ensuring consistent parsing across all components in the request path.",
"product_ids": [
"Red Hat build of Apache Camel 4.10.7 for Spring Boot 3.4.10"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.10.7 for Spring Boot 3.4.10"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions"
},
{
"cve": "CVE-2025-59952",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2025-09-30T00:01:08.819825+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400380"
}
],
"notes": [
{
"category": "description",
"text": "MinIO Java SDK is a Simple Storage Service (aka S3) client to perform bucket and object operations to any Amazon S3 compatible object storage service. In minio-java versions prior to 8.6.0, XML tag values containing references to system properties or environment variables were automatically substituted with their actual values during processing. This unintended behavior could lead to the exposure of sensitive information, including credentials, file paths, or system configuration details, if such references were present in XML content from untrusted sources. This is fixed in version 8.6.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.minio/minio: minio-java Client XML Tag is Vulnerable to Value Substitution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Apache Camel 4.10.7 for Spring Boot 3.4.10"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59952"
},
{
"category": "external",
"summary": "RHBZ#2400380",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400380"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59952",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59952"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59952",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59952"
},
{
"category": "external",
"summary": "https://github.com/minio/minio-java/releases/tag/8.6.0",
"url": "https://github.com/minio/minio-java/releases/tag/8.6.0"
},
{
"category": "external",
"summary": "https://github.com/minio/minio-java/security/advisories/GHSA-h7rh-xfpj-hpcm",
"url": "https://github.com/minio/minio-java/security/advisories/GHSA-h7rh-xfpj-hpcm"
}
],
"release_date": "2025-09-29T23:32:33.994000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-14T17:59:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Apache Camel 4.10.7 for Spring Boot 3.4.10"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:18028"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Apache Camel 4.10.7 for Spring Boot 3.4.10"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Apache Camel 4.10.7 for Spring Boot 3.4.10"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "io.minio/minio: minio-java Client XML Tag is Vulnerable to Value Substitution"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…