csaf_redhat - rhsa-2025:22287

rhsa-2025:22287

Vulnerability from csaf_redhat

Published

2025-11-27 14:54

Modified

2025-11-29 06:53

Summary

Red Hat Security Advisory: Red Hat Quay 3.9

Notes

Topic

Red Hat Quay 3.9 is now available with bug fixes.

Details

Quay 3.9

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat Quay 3.9 is now available with bug fixes.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Quay 3.9",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2025:22287",
        "url": "https://access.redhat.com/errata/RHSA-2025:22287"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2024-34156",
        "url": "https://access.redhat.com/security/cve/CVE-2024-34156"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2024-45337",
        "url": "https://access.redhat.com/security/cve/CVE-2024-45337"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2024-45338",
        "url": "https://access.redhat.com/security/cve/CVE-2024-45338"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-59420",
        "url": "https://access.redhat.com/security/cve/CVE-2025-59420"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-61920",
        "url": "https://access.redhat.com/security/cve/CVE-2025-61920"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/",
        "url": "https://access.redhat.com/security/updates/classification/"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_22287.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Quay 3.9",
    "tracking": {
      "current_release_date": "2025-11-29T06:53:27+00:00",
      "generator": {
        "date": "2025-11-29T06:53:27+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.13"
        }
      },
      "id": "RHSA-2025:22287",
      "initial_release_date": "2025-11-27T14:54:51+00:00",
      "revision_history": [
        {
          "date": "2025-11-27T14:54:51+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-11-27T14:54:59+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-29T06:53:27+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Quay 3.9",
                "product": {
                  "name": "Red Hat Quay 3.9",
                  "product_id": "Red Hat Quay 3.9",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:quay:3.9::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Quay"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3A878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9.17-1764254756"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9.17-1764254756"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3A49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9.17-1764254756"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9-1764254756"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
                  "product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.14-1764254756"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
                  "product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-rhel8@sha256%3A9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=8.10-1764254756"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
                  "product_id": "registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/clair-rhel8@sha256%3A02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.9.0-1764254756"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
                  "product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-bundle@sha256%3Ace217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9.17-1764254756"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64",
                  "product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-rhel8@sha256%3Af4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9.17-1764254756"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
                  "product_id": "registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-rhel8@sha256%3Aa6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9-1764254756"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9.17-1764254756"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9-1764254756"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
                  "product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.14-1764254756"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
                  "product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-rhel8@sha256%3A76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=8.10-1764254756"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
                "product": {
                  "name": "registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
                  "product_id": "registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/clair-rhel8@sha256%3Aad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.9.0-1764254756"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
                  "product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-rhel8@sha256%3Aa6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9.17-1764254756"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64",
                  "product_id": "registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-rhel8@sha256%3Af0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9-1764254756"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "arm64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Aac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9.17-1764254756"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9-1764254756"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=3.14-1764254756"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-rhel8@sha256%3Adecf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=8.10-1764254756"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
                  "product_id": "registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/clair-rhel8@sha256%3A42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.9.0-1764254756"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-rhel8@sha256%3A71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9.17-1764254756"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-rhel8@sha256%3A628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9-1764254756"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9.17-1764254756"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Ab6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9-1764254756"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
                  "product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3Ac622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=3.14-1764254756"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
                  "product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-rhel8@sha256%3A7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=8.10-1764254756"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
                  "product_id": "registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/clair-rhel8@sha256%3A880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.9.0-1764254756"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
                  "product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-rhel8@sha256%3A278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9.17-1764254756"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
                  "product_id": "registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-rhel8@sha256%3Ac7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9-1764254756"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64 as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64"
        },
        "product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x"
        },
        "product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64 as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64"
        },
        "product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64 as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64 as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64 as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64 as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64 as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64 as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64 as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64 as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64 as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64 as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64 as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64 as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64 as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64 as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64 as a component of Red Hat Quay 3.9",
          "product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
        },
        "product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64",
        "relates_to_product_reference": "Red Hat Quay 3.9"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-34156",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "discovery_date": "2024-09-06T21:20:09.377905+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2310528"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-34156"
        },
        {
          "category": "external",
          "summary": "RHBZ#2310528",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/611239",
          "url": "https://go.dev/cl/611239"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/69139",
          "url": "https://go.dev/issue/69139"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
          "url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2024-3106",
          "url": "https://pkg.go.dev/vuln/GO-2024-3106"
        }
      ],
      "release_date": "2024-09-06T21:15:12.020000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-11-27T14:54:51+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:22287"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
    },
    {
      "cve": "CVE-2024-45337",
      "cwe": {
        "id": "CWE-285",
        "name": "Improper Authorization"
      },
      "discovery_date": "2024-12-11T19:00:54.247490+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2331720"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is classified as important rather than critical because it does not directly enable unauthorized access but rather introduces a risk of authorization bypass if the application or library misuses the PublicKeyCallback API. The vulnerability relies on incorrect assumptions made by the application when handling the sequence or state of keys provided during SSH authentication. Properly implemented systems that use the Permissions field or avoid relying on external state remain unaffected. Additionally, the vulnerability does not allow direct exploitation to gain control over a system without the presence of insecure logic in the application\u0027s handling of authentication attempts.\n\n\nRed Hat Enterprise Linux(RHEL) 8 \u0026 9 and Red Hat Openshift marked as not affected as it was determined that the problem function `ServerConfig.PublicKeyCallback`, as noted in the CVE-2024-45337 issue, is not called by Podman, Buildah, containers-common, or the gvisor-tap-vsock projects.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-45337"
        },
        {
          "category": "external",
          "summary": "RHBZ#2331720",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-45337",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337"
        },
        {
          "category": "external",
          "summary": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909",
          "url": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/635315",
          "url": "https://go.dev/cl/635315"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/70779",
          "url": "https://go.dev/issue/70779"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ",
          "url": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2024-3321",
          "url": "https://pkg.go.dev/vuln/GO-2024-3321"
        }
      ],
      "release_date": "2024-12-11T18:55:58.506000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-11-27T14:54:51+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:22287"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto"
    },
    {
      "cve": "CVE-2024-45338",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2024-12-18T21:00:59.938173+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2333122"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-45338"
        },
        {
          "category": "external",
          "summary": "RHBZ#2333122",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/637536",
          "url": "https://go.dev/cl/637536"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/70906",
          "url": "https://go.dev/issue/70906"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
          "url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2024-3333",
          "url": "https://pkg.go.dev/vuln/GO-2024-3333"
        }
      ],
      "release_date": "2024-12-18T20:38:22.660000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-11-27T14:54:51+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:22287"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
    },
    {
      "cve": "CVE-2025-59420",
      "cwe": {
        "id": "CWE-863",
        "name": "Incorrect Authorization"
      },
      "discovery_date": "2025-09-22T18:01:35.379361+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2397460"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.4, Authlib\u2019s JWS verification accepts tokens that declare unknown critical header parameters (crit), violating RFC 7515 \u201cmust\u2011understand\u201d semantics. An attacker can craft a signed token with a critical header (for example, bork or cnf) that strict verifiers reject but Authlib accepts. In mixed\u2011language fleets, this enables split\u2011brain verification and can lead to policy bypass, replay, or privilege escalation. This issue has been patched in version 1.6.4.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "authlib: Authlib RFC violation",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-59420"
        },
        {
          "category": "external",
          "summary": "RHBZ#2397460",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397460"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-59420",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-59420"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59420",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59420"
        },
        {
          "category": "external",
          "summary": "https://github.com/authlib/authlib/commit/6b1813e4392eb7c168c276099ff7783b176479df",
          "url": "https://github.com/authlib/authlib/commit/6b1813e4392eb7c168c276099ff7783b176479df"
        },
        {
          "category": "external",
          "summary": "https://github.com/authlib/authlib/security/advisories/GHSA-9ggr-2464-2j32",
          "url": "https://github.com/authlib/authlib/security/advisories/GHSA-9ggr-2464-2j32"
        }
      ],
      "release_date": "2025-09-22T17:28:53.869000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-11-27T14:54:51+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:22287"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "authlib: Authlib RFC violation"
    },
    {
      "cve": "CVE-2025-61920",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2025-10-10T20:01:12.833962+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2403179"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.5, Authlib\u2019s JOSE implementation accepts unbounded JWS/JWT header and signature segments. A remote attacker can craft a token whose base64url\u2011encoded header or signature spans hundreds of megabytes. During verification, Authlib decodes and parses the full input before it is rejected, driving CPU and memory consumption to hostile levels and enabling denial of service. Version 1.6.5 patches the issue. Some temporary workarounds are available. Enforce input size limits before handing tokens to Authlib and/or use application-level throttling to reduce amplification risk.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "authlib: Authlib Denial of Service",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
          "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-61920"
        },
        {
          "category": "external",
          "summary": "RHBZ#2403179",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403179"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-61920",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-61920"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61920",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61920"
        },
        {
          "category": "external",
          "summary": "https://github.com/authlib/authlib/commit/867e3f87b072347a1ae9cf6983cc8bbf88447e5e",
          "url": "https://github.com/authlib/authlib/commit/867e3f87b072347a1ae9cf6983cc8bbf88447e5e"
        },
        {
          "category": "external",
          "summary": "https://github.com/authlib/authlib/security/advisories/GHSA-pq5p-34cr-23v9",
          "url": "https://github.com/authlib/authlib/security/advisories/GHSA-pq5p-34cr-23v9"
        }
      ],
      "release_date": "2025-10-10T19:25:07.679000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-11-27T14:54:51+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:22287"
        },
        {
          "category": "workaround",
          "details": "Users unable to upgrade may manually enforce input size limits before handing tokens to Authlib and/or use application-level throttling to reduce amplification risk.",
          "product_ids": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
            "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "authlib: Authlib Denial of Service"
    }
  ]
}

CVE-2024-45337 (GCVE-0-2024-45337)

Vulnerability from cvelistv5

Published

2024-12-11 18:55

Modified

2025-02-18 20:48

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE

CWE-1108: Excessive Reliance on Global Variables

Summary

Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is in fact used to authenticate." Specifically, the SSH protocol allows clients to inquire about whether a public key is acceptable before proving control of the corresponding private key. PublicKeyCallback may be called with multiple keys, and the order in which the keys were provided cannot be used to infer which key the client successfully authenticated with, if any. Some applications, which store the key(s) passed to PublicKeyCallback (or derived information) and make security relevant determinations based on it once the connection is established, may make incorrect assumptions. For example, an attacker may send public keys A and B, and then authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B for which the attacker does not actually control the private key. Since this API is widely misused, as a partial mitigation golang.org/x/cry...@v0.31.0 enforces the property that, when successfully authenticating via public key, the last key passed to ServerConfig.PublicKeyCallback will be the key used to authenticate the connection. PublicKeyCallback will now be called multiple times with the same key, if necessary. Note that the client may still not control the last key passed to PublicKeyCallback if the connection is then authenticated with a different method, such as PasswordCallback, KeyboardInteractiveCallback, or NoClientAuth. Users should be using the Extensions field of the Permissions return value from the various authentication callbacks to record data associated with the authentication attempt instead of referencing external state. Once the connection is established the state corresponding to the successful authentication attempt can be retrieved via the ServerConn.Permissions field. Note that some third-party libraries misuse the Permissions type by sharing it across authentication attempts; users of third-party libraries should refer to the relevant projects for guidance.

References

URL

Tags

	https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909
	https://go.dev/cl/635315
	https://go.dev/issue/70779
	https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ
	https://pkg.go.dev/vuln/GO-2024-3321

Impacted products

	Vendor	Product	Version
	golang.org/x/crypto	golang.org/x/crypto/ssh	Version: 0 ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-01-31T15:02:46.088Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/12/11/2"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20250131-0007/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 9.1,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-45337",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-12T17:57:55.896008Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-12T17:58:29.810Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "golang.org/x/crypto/ssh",
          "product": "golang.org/x/crypto/ssh",
          "programRoutines": [
            {
              "name": "ServerConfig.PublicKeyCallback"
            },
            {
              "name": "connection.serverAuthenticate"
            },
            {
              "name": "NewServerConn"
            }
          ],
          "vendor": "golang.org/x/crypto",
          "versions": [
            {
              "lessThan": "0.31.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Damien Tournoud (Platform.sh / Upsun)"
        },
        {
          "lang": "en",
          "value": "Patrick Dawkins (Platform.sh / Upsun)"
        },
        {
          "lang": "en",
          "value": "Vince Parker (Platform.sh / Upsun)"
        },
        {
          "lang": "en",
          "value": "Jules Duvivier (Platform.sh / Upsun)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that \"A call to this function does not guarantee that the key offered is in fact used to authenticate.\" Specifically, the SSH protocol allows clients to inquire about whether a public key is acceptable before proving control of the corresponding private key. PublicKeyCallback may be called with multiple keys, and the order in which the keys were provided cannot be used to infer which key the client successfully authenticated with, if any. Some applications, which store the key(s) passed to PublicKeyCallback (or derived information) and make security relevant determinations based on it once the connection is established, may make incorrect assumptions. For example, an attacker may send public keys A and B, and then authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B for which the attacker does not actually control the private key. Since this API is widely misused, as a partial mitigation golang.org/x/cry...@v0.31.0 enforces the property that, when successfully authenticating via public key, the last key passed to ServerConfig.PublicKeyCallback will be the key used to authenticate the connection. PublicKeyCallback will now be called multiple times with the same key, if necessary. Note that the client may still not control the last key passed to PublicKeyCallback if the connection is then authenticated with a different method, such as PasswordCallback, KeyboardInteractiveCallback, or NoClientAuth. Users should be using the Extensions field of the Permissions return value from the various authentication callbacks to record data associated with the authentication attempt instead of referencing external state. Once the connection is established the state corresponding to the successful authentication attempt can be retrieved via the ServerConn.Permissions field. Note that some third-party libraries misuse the Permissions type by sharing it across authentication attempts; users of third-party libraries should refer to the relevant projects for guidance."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-1108: Excessive Reliance on Global Variables",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-18T20:48:40.404Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909"
        },
        {
          "url": "https://go.dev/cl/635315"
        },
        {
          "url": "https://go.dev/issue/70779"
        },
        {
          "url": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2024-3321"
        }
      ],
      "title": "Misuse of connection.serverAuthenticate may cause authorization bypass in golang.org/x/crypto"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2024-45337",
    "datePublished": "2024-12-11T18:55:58.506Z",
    "dateReserved": "2024-08-27T19:41:58.555Z",
    "dateUpdated": "2025-02-18T20:48:40.404Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-59420 (GCVE-0-2025-59420)

Vulnerability from cvelistv5

Published

2025-09-22 17:28

Modified

2025-11-03 17:45

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE

CWE-345 - Insufficient Verification of Data Authenticity
CWE-863 - Incorrect Authorization

Summary

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.4, Authlib’s JWS verification accepts tokens that declare unknown critical header parameters (crit), violating RFC 7515 “must‑understand” semantics. An attacker can craft a signed token with a critical header (for example, bork or cnf) that strict verifiers reject but Authlib accepts. In mixed‑language fleets, this enables split‑brain verification and can lead to policy bypass, replay, or privilege escalation. This issue has been patched in version 1.6.4.

References

URL

Tags

	https://github.com/authlib/authlib/security/advisories/GHSA-9ggr-2464-2j32	x_refsource_CONFIRM
	https://github.com/authlib/authlib/commit/6b1813e4392eb7c168c276099ff7783b176479df	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	authlib	authlib	Version: < 1.6.4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-59420",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-22T18:04:06.580297Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-22T18:05:49.981Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T17:45:19.901Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00032.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "authlib",
          "vendor": "authlib",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.6.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.4, Authlib\u2019s JWS verification accepts tokens that declare unknown critical header parameters (crit), violating RFC 7515 \u201cmust\u2011understand\u201d semantics. An attacker can craft a signed token with a critical header (for example, bork or cnf) that strict verifiers reject but Authlib accepts. In mixed\u2011language fleets, this enables split\u2011brain verification and can lead to policy bypass, replay, or privilege escalation. This issue has been patched in version 1.6.4."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-345",
              "description": "CWE-345: Insufficient Verification of Data Authenticity",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863: Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-22T17:28:53.869Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/authlib/authlib/security/advisories/GHSA-9ggr-2464-2j32",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/authlib/authlib/security/advisories/GHSA-9ggr-2464-2j32"
        },
        {
          "name": "https://github.com/authlib/authlib/commit/6b1813e4392eb7c168c276099ff7783b176479df",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/authlib/authlib/commit/6b1813e4392eb7c168c276099ff7783b176479df"
        }
      ],
      "source": {
        "advisory": "GHSA-9ggr-2464-2j32",
        "discovery": "UNKNOWN"
      },
      "title": "Authlib: JWS/JWT accepts unknown crit headers (RFC violation \u2192 possible authz bypass)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-59420",
    "datePublished": "2025-09-22T17:28:53.869Z",
    "dateReserved": "2025-09-15T19:13:16.904Z",
    "dateUpdated": "2025-11-03T17:45:19.901Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-34156 (GCVE-0-2024-34156)

Vulnerability from cvelistv5

Published

2024-09-06 20:42

Modified

2024-09-26 15:03

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-674: Uncontrolled Recursion

Summary

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

References

URL

Tags

	https://go.dev/cl/611239
	https://go.dev/issue/69139
	https://groups.google.com/g/golang-dev/c/S9POB9NCTdk
	https://pkg.go.dev/vuln/GO-2024-3106

Impacted products

	Vendor	Product	Version
	Go standard library	encoding/gob	Version: 0 ≤ Version: 1.23.0-0 ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:go_standard_library:encoding\\/gob:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "encoding\\/gob",
            "vendor": "go_standard_library",
            "versions": [
              {
                "lessThan": "1.22.7",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              },
              {
                "lessThan": "1.23.1",
                "status": "affected",
                "version": "1.23.0-0",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-34156",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-09T14:04:16.338747Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-09T14:29:46.867Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-09-26T15:03:08.203Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20240926-0004/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "encoding/gob",
          "product": "encoding/gob",
          "programRoutines": [
            {
              "name": "Decoder.decIgnoreOpFor"
            },
            {
              "name": "Decoder.Decode"
            },
            {
              "name": "Decoder.DecodeValue"
            }
          ],
          "vendor": "Go standard library",
          "versions": [
            {
              "lessThan": "1.22.7",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.23.1",
              "status": "affected",
              "version": "1.23.0-0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Md Sakib Anwar of The Ohio State University (anwar.40@osu.edu)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-674: Uncontrolled Recursion",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-06T20:42:42.661Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://go.dev/cl/611239"
        },
        {
          "url": "https://go.dev/issue/69139"
        },
        {
          "url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2024-3106"
        }
      ],
      "title": "Stack exhaustion in Decoder.Decode in encoding/gob"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2024-34156",
    "datePublished": "2024-09-06T20:42:42.661Z",
    "dateReserved": "2024-05-01T18:45:34.846Z",
    "dateUpdated": "2024-09-26T15:03:08.203Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-45338 (GCVE-0-2024-45338)

Vulnerability from cvelistv5

Published

2024-12-18 20:38

Modified

2025-02-21 18:03

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE

CWE-405: Asymmetric Resource Consumption (Amplification)

Summary

An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.

References

URL

Tags

	https://go.dev/cl/637536
	https://go.dev/issue/70906
	https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ
	https://pkg.go.dev/vuln/GO-2024-3333

Impacted products

	Vendor	Product	Version
	golang.org/x/net	golang.org/x/net/html	Version: 0 ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 5.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-45338",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-31T19:51:42.228627Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-1333",
                "description": "CWE-1333 Inefficient Regular Expression Complexity",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-31T19:55:04.864Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-02-21T18:03:32.301Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20250221-0001/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "golang.org/x/net/html",
          "product": "golang.org/x/net/html",
          "programRoutines": [
            {
              "name": "parseDoctype"
            },
            {
              "name": "htmlIntegrationPoint"
            },
            {
              "name": "inTableIM"
            },
            {
              "name": "inBodyIM"
            },
            {
              "name": "Parse"
            },
            {
              "name": "ParseFragment"
            },
            {
              "name": "ParseFragmentWithOptions"
            },
            {
              "name": "ParseWithOptions"
            }
          ],
          "vendor": "golang.org/x/net",
          "versions": [
            {
              "lessThan": "0.33.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Guido Vranken"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-405: Asymmetric Resource Consumption (Amplification)",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-18T20:38:22.660Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://go.dev/cl/637536"
        },
        {
          "url": "https://go.dev/issue/70906"
        },
        {
          "url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2024-3333"
        }
      ],
      "title": "Non-linear parsing of case-insensitive content in golang.org/x/net/html"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2024-45338",
    "datePublished": "2024-12-18T20:38:22.660Z",
    "dateReserved": "2024-08-27T19:41:58.555Z",
    "dateUpdated": "2025-02-21T18:03:32.301Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-61920 (GCVE-0-2025-61920)

Vulnerability from cvelistv5

Published

2025-10-10 19:25

Modified

2025-11-03 17:45

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-20 - Improper Input Validation
CWE-400 - Uncontrolled Resource Consumption
CWE-770 - Allocation of Resources Without Limits or Throttling

Summary

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.5, Authlib’s JOSE implementation accepts unbounded JWS/JWT header and signature segments. A remote attacker can craft a token whose base64url‑encoded header or signature spans hundreds of megabytes. During verification, Authlib decodes and parses the full input before it is rejected, driving CPU and memory consumption to hostile levels and enabling denial of service. Version 1.6.5 patches the issue. Some temporary workarounds are available. Enforce input size limits before handing tokens to Authlib and/or use application-level throttling to reduce amplification risk.

References

URL

Tags

	https://github.com/authlib/authlib/security/advisories/GHSA-pq5p-34cr-23v9	x_refsource_CONFIRM
	https://github.com/authlib/authlib/commit/867e3f87b072347a1ae9cf6983cc8bbf88447e5e	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	authlib	authlib	Version: < 1.6.5

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-61920",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-10T20:46:55.883426Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-10T20:47:08.736Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T17:45:23.708Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00032.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "authlib",
          "vendor": "authlib",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.6.5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.5, Authlib\u2019s JOSE implementation accepts unbounded JWS/JWT header and signature segments. A remote attacker can craft a token whose base64url\u2011encoded header or signature spans hundreds of megabytes. During verification, Authlib decodes and parses the full input before it is rejected, driving CPU and memory consumption to hostile levels and enabling denial of service. Version 1.6.5 patches the issue. Some temporary workarounds are available. Enforce input size limits before handing tokens to Authlib and/or use application-level throttling to reduce amplification risk."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-10T19:25:07.679Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/authlib/authlib/security/advisories/GHSA-pq5p-34cr-23v9",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/authlib/authlib/security/advisories/GHSA-pq5p-34cr-23v9"
        },
        {
          "name": "https://github.com/authlib/authlib/commit/867e3f87b072347a1ae9cf6983cc8bbf88447e5e",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/authlib/authlib/commit/867e3f87b072347a1ae9cf6983cc8bbf88447e5e"
        }
      ],
      "source": {
        "advisory": "GHSA-pq5p-34cr-23v9",
        "discovery": "UNKNOWN"
      },
      "title": "Authlib is vulnerable to Denial of Service via Oversized JOSE Segments"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-61920",
    "datePublished": "2025-10-10T19:25:07.679Z",
    "dateReserved": "2025-10-03T22:21:59.615Z",
    "dateUpdated": "2025-11-03T17:45:23.708Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

rhsa-2025:22287

Vulnerability from csaf_redhat

CVE-2024-45337 (GCVE-0-2024-45337)

Vulnerability from cvelistv5

CVE-2025-59420 (GCVE-0-2025-59420)

Vulnerability from cvelistv5

CVE-2024-34156 (GCVE-0-2024-34156)

Vulnerability from cvelistv5

CVE-2024-45338 (GCVE-0-2024-45338)

Vulnerability from cvelistv5

CVE-2025-61920 (GCVE-0-2025-61920)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature