RHSA-2026:1858
Vulnerability from csaf_redhat - Published: 2026-02-03 17:17 - Updated: 2026-02-03 20:56
Summary
Red Hat Security Advisory: Red Hat Ceph Storage
Notes
Topic
A new version of Red Hat build of Ceph Storage has been released
Details
The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 7.1.
This release updates to the latest version.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A new version of Red Hat build of Ceph Storage has been released",
"title": "Topic"
},
{
"category": "general",
"text": "The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 7.1.\nThis release updates to the latest version.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1858",
"url": "https://access.redhat.com/errata/RHSA-2026:1858"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-45582",
"url": "https://access.redhat.com/security/cve/CVE-2025-45582"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6069",
"url": "https://access.redhat.com/security/cve/CVE-2025-6069"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61984",
"url": "https://access.redhat.com/security/cve/CVE-2025-61984"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61985",
"url": "https://access.redhat.com/security/cve/CVE-2025-61985"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68973",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-8291",
"url": "https://access.redhat.com/security/cve/CVE-2025-8291"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_ceph_storage/",
"url": "https://docs.redhat.com/en/documentation/red_hat_ceph_storage/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1858.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Ceph Storage",
"tracking": {
"current_release_date": "2026-02-03T20:56:16+00:00",
"generator": {
"date": "2026-02-03T20:56:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.16"
}
},
"id": "RHSA-2026:1858",
"initial_release_date": "2026-02-03T17:17:26+00:00",
"revision_history": [
{
"date": "2026-02-03T17:17:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-03T17:17:38+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-03T20:56:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Ceph Storage 7",
"product": {
"name": "Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ceph_storage:7::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Ceph Storage"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3A11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769523636"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3A57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769511650"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3Aeda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769514555"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3A6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769513068"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"product_id": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-7-rhel9@sha256%3A7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769508455"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3Afb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769512818"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3Ace94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18?arch=arm64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769523636"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3Ad87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769523636"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3A274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769511650"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3A5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769514555"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3Ac8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769513068"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"product_id": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-7-rhel9@sha256%3A7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769508455"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3A28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769512818"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3A82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769523636"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3A70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769511650"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3Af40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769514555"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3Ad2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769513068"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"product_id": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-7-rhel9@sha256%3A72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769508455"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3A8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769512818"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-6069",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2025-06-17T14:00:45.339399+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373234"
}
],
"notes": [
{
"category": "description",
"text": "A denial-of-service (DoS) vulnerability has been discovered in Python\u0027s html.parser.HTMLParser class. When processing specially malformed HTML input, the parsing runtime can become quadratic with respect to the input size. This significantly increased processing time can lead to excessive resource consumption, ultimately causing a denial-of-service condition in applications that rely on this parser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: Python HTMLParser quadratic complexity",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6069"
},
{
"category": "external",
"summary": "RHBZ#2373234",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373234"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6069",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6069"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949",
"url": "https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41",
"url": "https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b",
"url": "https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/135462",
"url": "https://github.com/python/cpython/issues/135462"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/135464",
"url": "https://github.com/python/cpython/pull/135464"
}
],
"release_date": "2025-06-17T13:39:46.058000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-03T17:17:26+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1858"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: Python HTMLParser quadratic complexity"
},
{
"cve": "CVE-2025-8291",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"discovery_date": "2025-10-07T19:01:23.599055+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2402342"
}
],
"notes": [
{
"category": "description",
"text": "The \u0027zipfile\u0027 module would not check the validity of the ZIP64 End of\nCentral Directory (EOCD) Locator record offset value. The offset would not be used to\nlocate the ZIP64 EOCD record; instead, the ZIP64 EOCD record would be\nassumed to be the previous record in the ZIP archive. This could be abused\nto create ZIP archives that are handled differently by the \u0027zipfile\u0027 module\ncompared to other ZIP implementations.\n\n\nRemediation maintains this behavior, but checks that the offset specified\nin the ZIP64 EOCD Locator record matches the expected value.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-8291"
},
{
"category": "external",
"summary": "RHBZ#2402342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402342"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-8291",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8291"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/162997bb70e067668c039700141770687bc8f267",
"url": "https://github.com/python/cpython/commit/162997bb70e067668c039700141770687bc8f267"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/333d4a6f4967d3ace91492a39ededbcf3faa76a6",
"url": "https://github.com/python/cpython/commit/333d4a6f4967d3ace91492a39ededbcf3faa76a6"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/139700",
"url": "https://github.com/python/cpython/issues/139700"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/139702",
"url": "https://github.com/python/cpython/pull/139702"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/QECOPWMTH4VPPJAXAH2BGTA4XADOP62G/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/QECOPWMTH4VPPJAXAH2BGTA4XADOP62G/"
}
],
"release_date": "2025-10-07T18:10:05.908000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-03T17:17:26+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1858"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked"
},
{
"cve": "CVE-2025-45582",
"cwe": {
"id": "CWE-24",
"name": "Path Traversal: \u0027../filedir\u0027"
},
"discovery_date": "2025-07-11T17:00:47.340822+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2379592"
}
],
"notes": [
{
"category": "description",
"text": "A relative path traversal flaw was found in the GNU tar utility. When archives with relative paths are extracted without the \u2018--keep-old-files\u2019 (\u2018-k\u2019) option, the extraction process may overwrite existing files that the current user has access to. The server may be impacted if these files are critical to the operation of some service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tar: Tar path traversal",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-45582"
},
{
"category": "external",
"summary": "RHBZ#2379592",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379592"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-45582",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-45582"
},
{
"category": "external",
"summary": "https://github.com/i900008/vulndb/blob/main/Gnu_tar_vuln.md",
"url": "https://github.com/i900008/vulndb/blob/main/Gnu_tar_vuln.md"
},
{
"category": "external",
"summary": "https://www.gnu.org/software/tar/",
"url": "https://www.gnu.org/software/tar/"
},
{
"category": "external",
"summary": "https://www.gnu.org/software/tar/manual/html_node/Integrity.html#Integrity",
"url": "https://www.gnu.org/software/tar/manual/html_node/Integrity.html#Integrity"
}
],
"release_date": "2025-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-03T17:17:26+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1858"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to a widespread installation base, or stability.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tar: Tar path traversal"
},
{
"cve": "CVE-2025-61984",
"cwe": {
"id": "CWE-159",
"name": "Improper Handling of Invalid Use of Special Elements"
},
"discovery_date": "2025-10-06T19:01:13.449665+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2401960"
}
],
"notes": [
{
"category": "description",
"text": "ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact is MODERATE because OpenSSH is a critical component used across many Red Hat products.\nThe issue occurs only when a ProxyCommand is configured and the SSH client handles a username containing control characters from an untrusted source, such as script-generated input or expanded configuration values.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61984"
},
{
"category": "external",
"summary": "RHBZ#2401960",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401960"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61984"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61984",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61984"
},
{
"category": "external",
"summary": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2",
"url": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2"
},
{
"category": "external",
"summary": "https://www.openssh.com/releasenotes.html#10.1p1",
"url": "https://www.openssh.com/releasenotes.html#10.1p1"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/10/06/1",
"url": "https://www.openwall.com/lists/oss-security/2025/10/06/1"
}
],
"release_date": "2025-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-03T17:17:26+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1858"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand"
},
{
"cve": "CVE-2025-61985",
"cwe": {
"id": "CWE-158",
"name": "Improper Neutralization of Null Byte or NUL Character"
},
"discovery_date": "2025-10-06T19:01:16.841946+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2401962"
}
],
"notes": [
{
"category": "description",
"text": "ssh in OpenSSH before 10.1 allows the \u0027\\0\u0027 character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact is MODERATE because OpenSSH is a critical component used across many Red Hat products.\nExploiting this vulnerability would require a specific configuration where ProxyCommand is enabled and the SSH client processes an untrusted ssh:// URI containing null bytes. Under these conditions, the command parser may misinterpret the URI and execute unintended shell commands.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61985"
},
{
"category": "external",
"summary": "RHBZ#2401962",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401962"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61985"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61985",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61985"
},
{
"category": "external",
"summary": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2",
"url": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2"
},
{
"category": "external",
"summary": "https://www.openssh.com/releasenotes.html#10.1p1",
"url": "https://www.openssh.com/releasenotes.html#10.1p1"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/10/06/1",
"url": "https://www.openwall.com/lists/oss-security/2025/10/06/1"
}
],
"release_date": "2025-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-03T17:17:26+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1858"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand"
},
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-03T17:17:26+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1858"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.