Vulnerability-Lookup

RHSA-2026:33154

Vulnerability from csaf_redhat - Published: 2026-06-29 15:52 - Updated: 2026-06-30 04:33

Summary

Red Hat Security Advisory: Red Hat Ceph Storage

Severity

Important

Notes

Topic: A new version of Red Hat build of Ceph Storage has been released

Details: The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 7.1. This release updates to the latest version.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2024-6345

A flaw was found in the package_index module of pypa/setuptools. Affected versions of this package allow remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system.

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-94 - Improper Control of Generation of Code ('Code Injection')

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x	—	Vendor Fix fix Workaround

Known not affected 15 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le	—	Workaround

Threats

Impact Important

CVE-2024-12905

A flaw was found in the tar-fs package for Node.js. In affected versions, unauthorized file writes or overwrites outside the intended extraction directory can occur when extracting a maliciously crafted tar file. The issue is associated with index.js in the tar-fs package.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-59 - Improper Link Resolution Before File Access ('Link Following')

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le		—

Threats

Impact Important

CVE-2024-55565

A flaw was found in nanoid. Affected versions of nanoid mishandles non-integer values. When nanoid is called with a fractional value, there were a number of undesirable effects: - In browser and non-secure, the code infinite loops on while (size--) - In node, the value of poolOffset becomes fractional, causing calls to nanoid to return zeroes until the pool is next filled: when i is initialized to poolOffset, pool[i] & 63 -> undefined & 63 -> 0 - If the first call in node is a fractional argument, the initial buffer allocation fails with an error The highest impact of this issue system availability.

6.5 (Medium)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le		—

Threats

Impact Moderate

CVE-2025-5889

A denial-of-service (DoS) vulnerability has been identified in the brace-expansion JavaScript package. This issue occurs due to inefficient regular expression complexity, which can be exploited by an attacker providing specially crafted input. Such input could lead to excessive processing time and resource consumption, rendering applications that utilize this package unresponsive and causing a denial-of-service condition.

3.1 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

CWE-1333 - Inefficient Regular Expression Complexity

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x	—	Vendor Fix fix Workaround

Known not affected 15 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le	—	Workaround

Threats

Impact Low

CVE-2025-13465

A flaw was found in Lodash. A prototype pollution vulnerability in the _.unset and _.omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service.

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x	—	Vendor Fix fix Workaround

Known not affected 15 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le	—	Workaround

Threats

Impact Important

CVE-2025-45768

A flaw was found in pyjwt. The library uses weak encryption, allowing an attacker to potentially decrypt sensitive data. A network-based attacker can exploit this vulnerability without authentication, possibly resulting in a denial of service or data exposure. This weakness stems from the use of inadequate cryptographic algorithms.

0.0 (None)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x	—	Vendor Fix fix Workaround

Known not affected 15 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le	—	Workaround

Threats

Impact Moderate

CVE-2025-47913

A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests expecting typed replies (e.g., List, Sign). The unmarshal layer produces an unexpected message type, which the client code does not handle, leading to panic("unreachable") or a nil-pointer dereference. A malicious agent or forwarded connection can exploit this to terminate the client process.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x	—	Vendor Fix fix Workaround

Known not affected 15 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le	—	Workaround

Threats

Impact Important

CVE-2025-50181

A flaw was found in urllib3. The `PoolManager` class allows redirects to be disabled by configuring retries in a specific manner, effectively bypassing intended HTTP redirection behavior. A network attacker can leverage this configuration to manipulate request flows and disrupt service. This bypass occurs through improper handling of retry parameters during PoolManager instantiation. This issue can reult in a denial of service or unintended data exposure due to altered request destinations.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x	—	Vendor Fix fix Workaround

Known not affected 15 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le	—	Workaround

Threats

Impact Moderate

CVE-2025-52555

A vulnerability in Ceph was discovered whereby an unprivileged user could change the permissions of a directory owned by the root user, gaining access to the targeted directory. The non-privileged user can escalate privileges to root in a CephFS mounted with ceph-fuse by applying chmod 777 (read, write, and execute for all users) to any directory owned by root. This allows the user to read, write, and execute to that directory even if they were not the original owner. The vulnerability could potentially allow a user to gain unauthorized access or modify critical system data.

6.5 (Medium)


                        
                          CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N

CWE-272 - Least Privilege Violation

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x	—	Vendor Fix fix Workaround

Known not affected 15 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le	—	Workaround

Threats

Impact Moderate

CVE-2025-59343

A symlink validation bypass flaw has been discovered in the npm tar-fs library. Affected versions are vulnerable to a symlink validation bypass if the destination directory is predictable with a specific tarball.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x	—	Vendor Fix fix Workaround

Known not affected 15 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x	—	Workaround
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le	—	Workaround

Threats

Impact Important

CVE-2026-21441

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-409 - Improper Handling of Highly Compressed Data (Data Amplification)

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x		—
Unresolved product id: Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le		—

Threats

Impact Important

References

81 references

URL	Category
https://access.redhat.com/errata/RHSA-2026:33154	self
https://access.redhat.com/security/cve/CVE-2024-12905	external
https://access.redhat.com/security/cve/CVE-2024-55565	external
https://access.redhat.com/security/cve/CVE-2024-6345	external
https://access.redhat.com/security/cve/CVE-2025-13465	external
https://access.redhat.com/security/cve/CVE-2025-45768	external
https://access.redhat.com/security/cve/CVE-2025-47913	external
https://access.redhat.com/security/cve/CVE-2025-50181	external
https://access.redhat.com/security/cve/CVE-2025-52555	external
https://access.redhat.com/security/cve/CVE-2025-5889	external
https://access.redhat.com/security/cve/CVE-2025-59343	external
https://access.redhat.com/security/cve/CVE-2026-21441	external
https://access.redhat.com/security/updates/classi…	external
https://docs.redhat.com/en/documentation/red_hat_…	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2024-6345	self
https://bugzilla.redhat.com/show_bug.cgi?id=2297771	external
https://www.cve.org/CVERecord?id=CVE-2024-6345	external
https://nvd.nist.gov/vuln/detail/CVE-2024-6345	external
https://github.com/pypa/setuptools/commit/88807c7…	external
https://huntr.com/bounties/d6362117-ad57-4e83-951…	external
https://access.redhat.com/security/cve/CVE-2024-12905	self
https://bugzilla.redhat.com/show_bug.cgi?id=2355460	external
https://www.cve.org/CVERecord?id=CVE-2024-12905	external
https://nvd.nist.gov/vuln/detail/CVE-2024-12905	external
https://github.com/mafintosh/tar-fs/commit/a1dd7e…	external
https://access.redhat.com/security/cve/CVE-2024-55565	self
https://bugzilla.redhat.com/show_bug.cgi?id=2331063	external
https://www.cve.org/CVERecord?id=CVE-2024-55565	external
https://nvd.nist.gov/vuln/detail/CVE-2024-55565	external
https://github.com/ai/nanoid/compare/3.3.7...3.3.8	external
https://github.com/ai/nanoid/pull/510	external
https://github.com/ai/nanoid/releases/tag/5.0.9	external
https://access.redhat.com/security/cve/CVE-2025-5889	self
https://bugzilla.redhat.com/show_bug.cgi?id=2371270	external
https://www.cve.org/CVERecord?id=CVE-2025-5889	external
https://nvd.nist.gov/vuln/detail/CVE-2025-5889	external
https://gist.github.com/mmmsssttt404/37a40ce7d6e5…	external
https://github.com/juliangruber/brace-expansion/p…	external
https://vuldb.com/?ctiid.311660	external
https://vuldb.com/?id.311660	external
https://vuldb.com/?submit.585717	external
https://access.redhat.com/security/cve/CVE-2025-13465	self
https://bugzilla.redhat.com/show_bug.cgi?id=2431740	external
https://www.cve.org/CVERecord?id=CVE-2025-13465	external
https://nvd.nist.gov/vuln/detail/CVE-2025-13465	external
https://github.com/lodash/lodash/security/advisor…	external
https://access.redhat.com/security/cve/CVE-2025-45768	self
https://www.cve.org/CVERecord?id=CVE-2025-45768	external
https://access.redhat.com/security/cve/CVE-2025-47913	self
https://bugzilla.redhat.com/show_bug.cgi?id=2414943	external
https://www.cve.org/CVERecord?id=CVE-2025-47913	external
https://nvd.nist.gov/vuln/detail/CVE-2025-47913	external
https://github.com/advisories/GHSA-hcg3-q754-cr77	external
https://go.dev/cl/700295	external
https://go.dev/issue/75178	external
https://pkg.go.dev/vuln/GO-2025-4116	external
https://access.redhat.com/security/cve/CVE-2025-50181	self
https://bugzilla.redhat.com/show_bug.cgi?id=2373799	external
https://www.cve.org/CVERecord?id=CVE-2025-50181	external
https://nvd.nist.gov/vuln/detail/CVE-2025-50181	external
https://github.com/urllib3/urllib3/commit/f05b132…	external
https://github.com/urllib3/urllib3/security/advis…	external
https://access.redhat.com/security/cve/CVE-2025-52555	self
https://bugzilla.redhat.com/show_bug.cgi?id=2374412	external
https://www.cve.org/CVERecord?id=CVE-2025-52555	external
https://nvd.nist.gov/vuln/detail/CVE-2025-52555	external
https://github.com/ceph/ceph/pull/60314	external
https://github.com/ceph/ceph/security/advisories/…	external
https://access.redhat.com/security/cve/CVE-2025-59343	self
https://bugzilla.redhat.com/show_bug.cgi?id=2397901	external
https://www.cve.org/CVERecord?id=CVE-2025-59343	external
https://nvd.nist.gov/vuln/detail/CVE-2025-59343	external
https://github.com/mafintosh/tar-fs/commit/0bd54c…	external
https://github.com/mafintosh/tar-fs/security/advi…	external
https://access.redhat.com/security/cve/CVE-2026-21441	self
https://bugzilla.redhat.com/show_bug.cgi?id=2427726	external
https://www.cve.org/CVERecord?id=CVE-2026-21441	external
https://nvd.nist.gov/vuln/detail/CVE-2026-21441	external
https://github.com/urllib3/urllib3/commit/8864ac4…	external
https://github.com/urllib3/urllib3/security/advis…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "A new version of Red Hat build of Ceph Storage has been released",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 7.1.\nThis release updates to the latest version.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:33154",
        "url": "https://access.redhat.com/errata/RHSA-2026:33154"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2024-12905",
        "url": "https://access.redhat.com/security/cve/CVE-2024-12905"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2024-55565",
        "url": "https://access.redhat.com/security/cve/CVE-2024-55565"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2024-6345",
        "url": "https://access.redhat.com/security/cve/CVE-2024-6345"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-13465",
        "url": "https://access.redhat.com/security/cve/CVE-2025-13465"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-45768",
        "url": "https://access.redhat.com/security/cve/CVE-2025-45768"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-47913",
        "url": "https://access.redhat.com/security/cve/CVE-2025-47913"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-50181",
        "url": "https://access.redhat.com/security/cve/CVE-2025-50181"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-52555",
        "url": "https://access.redhat.com/security/cve/CVE-2025-52555"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-5889",
        "url": "https://access.redhat.com/security/cve/CVE-2025-5889"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-59343",
        "url": "https://access.redhat.com/security/cve/CVE-2025-59343"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-21441",
        "url": "https://access.redhat.com/security/cve/CVE-2026-21441"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/",
        "url": "https://access.redhat.com/security/updates/classification/"
      },
      {
        "category": "external",
        "summary": "https://docs.redhat.com/en/documentation/red_hat_ceph_storage/",
        "url": "https://docs.redhat.com/en/documentation/red_hat_ceph_storage/"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_33154.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Ceph Storage",
    "tracking": {
      "current_release_date": "2026-06-30T04:33:30+00:00",
      "generator": {
        "date": "2026-06-30T04:33:30+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "5.3.0"
        }
      },
      "id": "RHSA-2026:33154",
      "initial_release_date": "2026-06-29T15:52:25+00:00",
      "revision_history": [
        {
          "date": "2026-06-29T15:52:25+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-06-29T15:52:35+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-30T04:33:30+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Ceph Storage 7.1",
                "product": {
                  "name": "Red Hat Ceph Storage 7.1",
                  "product_id": "Red Hat Ceph Storage 7.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:ceph_storage:7.1::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Ceph Storage"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
                "product": {
                  "name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
                  "product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/grafana-rhel9@sha256%3A8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/grafana-rhel9\u0026tag=1781855851"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
                "product": {
                  "name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
                  "product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3A14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/rhceph-haproxy-rhel9\u0026tag=1781856344"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
                "product": {
                  "name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
                  "product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/keepalived-rhel9@sha256%3Ada760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/keepalived-rhel9\u0026tag=1781855108"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
                "product": {
                  "name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
                  "product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3A3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/rhceph-promtail-rhel9\u0026tag=1781856148"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
                "product": {
                  "name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
                  "product_id": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-7-rhel9@sha256%3Abe5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/rhceph-7-rhel9\u0026tag=1781863705"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
                "product": {
                  "name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
                  "product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/snmp-notifier-rhel9@sha256%3A014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/snmp-notifier-rhel9\u0026tag=1781854814"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
                "product": {
                  "name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
                  "product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/grafana-rhel9@sha256%3Afebdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/grafana-rhel9\u0026tag=1781855851"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
                "product": {
                  "name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
                  "product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3A3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/rhceph-haproxy-rhel9\u0026tag=1781856344"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
                "product": {
                  "name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
                  "product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/keepalived-rhel9@sha256%3A3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/keepalived-rhel9\u0026tag=1781855108"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
                "product": {
                  "name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
                  "product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3A3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/rhceph-promtail-rhel9\u0026tag=1781856148"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x",
                "product": {
                  "name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x",
                  "product_id": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-7-rhel9@sha256%3Afe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/rhceph-7-rhel9\u0026tag=1781863705"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
                "product": {
                  "name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
                  "product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/snmp-notifier-rhel9@sha256%3A09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/snmp-notifier-rhel9\u0026tag=1781854814"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
                "product": {
                  "name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
                  "product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/grafana-rhel9@sha256%3Aeb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/grafana-rhel9\u0026tag=1781855851"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
                "product": {
                  "name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
                  "product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3A4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/rhceph-haproxy-rhel9\u0026tag=1781856344"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
                "product": {
                  "name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
                  "product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/keepalived-rhel9@sha256%3A44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/keepalived-rhel9\u0026tag=1781855108"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
                "product": {
                  "name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
                  "product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3Aee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/rhceph-promtail-rhel9\u0026tag=1781856148"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
                "product": {
                  "name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
                  "product_id": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-7-rhel9@sha256%3A57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/rhceph-7-rhel9\u0026tag=1781863705"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le",
                "product": {
                  "name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le",
                  "product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/snmp-notifier-rhel9@sha256%3Aeb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/snmp-notifier-rhel9\u0026tag=1781854814"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64 as a component of Red Hat Ceph Storage 7.1",
          "product_id": "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64"
        },
        "product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
        "relates_to_product_reference": "Red Hat Ceph Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le as a component of Red Hat Ceph Storage 7.1",
          "product_id": "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le"
        },
        "product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
        "relates_to_product_reference": "Red Hat Ceph Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x as a component of Red Hat Ceph Storage 7.1",
          "product_id": "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x"
        },
        "product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
        "relates_to_product_reference": "Red Hat Ceph Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x as a component of Red Hat Ceph Storage 7.1",
          "product_id": "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x"
        },
        "product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
        "relates_to_product_reference": "Red Hat Ceph Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le as a component of Red Hat Ceph Storage 7.1",
          "product_id": "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le"
        },
        "product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
        "relates_to_product_reference": "Red Hat Ceph Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64 as a component of Red Hat Ceph Storage 7.1",
          "product_id": "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64"
        },
        "product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
        "relates_to_product_reference": "Red Hat Ceph Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le as a component of Red Hat Ceph Storage 7.1",
          "product_id": "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le"
        },
        "product_reference": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
        "relates_to_product_reference": "Red Hat Ceph Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64 as a component of Red Hat Ceph Storage 7.1",
          "product_id": "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64"
        },
        "product_reference": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
        "relates_to_product_reference": "Red Hat Ceph Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x as a component of Red Hat Ceph Storage 7.1",
          "product_id": "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x"
        },
        "product_reference": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x",
        "relates_to_product_reference": "Red Hat Ceph Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64 as a component of Red Hat Ceph Storage 7.1",
          "product_id": "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64"
        },
        "product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
        "relates_to_product_reference": "Red Hat Ceph Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x as a component of Red Hat Ceph Storage 7.1",
          "product_id": "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x"
        },
        "product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
        "relates_to_product_reference": "Red Hat Ceph Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le as a component of Red Hat Ceph Storage 7.1",
          "product_id": "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le"
        },
        "product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
        "relates_to_product_reference": "Red Hat Ceph Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x as a component of Red Hat Ceph Storage 7.1",
          "product_id": "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x"
        },
        "product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
        "relates_to_product_reference": "Red Hat Ceph Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64 as a component of Red Hat Ceph Storage 7.1",
          "product_id": "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64"
        },
        "product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
        "relates_to_product_reference": "Red Hat Ceph Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le as a component of Red Hat Ceph Storage 7.1",
          "product_id": "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le"
        },
        "product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
        "relates_to_product_reference": "Red Hat Ceph Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64 as a component of Red Hat Ceph Storage 7.1",
          "product_id": "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64"
        },
        "product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
        "relates_to_product_reference": "Red Hat Ceph Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x as a component of Red Hat Ceph Storage 7.1",
          "product_id": "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x"
        },
        "product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
        "relates_to_product_reference": "Red Hat Ceph Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le as a component of Red Hat Ceph Storage 7.1",
          "product_id": "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
        },
        "product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le",
        "relates_to_product_reference": "Red Hat Ceph Storage 7.1"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-6345",
      "cwe": {
        "id": "CWE-94",
        "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
      },
      "discovery_date": "2024-07-15T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2297771"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the package_index module of pypa/setuptools. Affected versions of this package allow remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat OpenStack does not include setuptools. The ImcSdk component uses it only during compile time in our build systems, and we do not support recompiling SRPMs. As a result, Red Hat OpenStack is not affected by this flaw.\n\nPython 2.7.18 was marked End of Life on 04/20/2020. No patches for Python 2 would be made available.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x"
        ],
        "known_not_affected": [
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-6345"
        },
        {
          "category": "external",
          "summary": "RHBZ#2297771",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297771"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-6345",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-6345",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6345"
        },
        {
          "category": "external",
          "summary": "https://github.com/pypa/setuptools/commit/88807c7062788254f654ea8c03427adc859321f0",
          "url": "https://github.com/pypa/setuptools/commit/88807c7062788254f654ea8c03427adc859321f0"
        },
        {
          "category": "external",
          "summary": "https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5",
          "url": "https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5"
        }
      ],
      "release_date": "2024-07-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-29T15:52:25+00:00",
          "details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:33154"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools"
    },
    {
      "cve": "CVE-2024-12905",
      "cwe": {
        "id": "CWE-59",
        "name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
      },
      "discovery_date": "2025-03-27T17:02:14.911888+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2355460"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the tar-fs package for Node.js. In affected versions, unauthorized file writes or overwrites outside the intended extraction directory can occur when extracting a maliciously crafted tar file. The issue is associated with index.js in the tar-fs package.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tar-fs: link following and path traversal via maliciously crafted tar file",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated as an important severity because it allows attackers to extract a malicious tar file that can write or overwrite files outside the intended directory. This occurs due to improper handling of link resolution and pathname limitations. The risk is high for systems that automatically extract tar files, as it can lead to data corruption or unauthorized file modifications without user interaction.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x"
        ],
        "known_not_affected": [
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-12905"
        },
        {
          "category": "external",
          "summary": "RHBZ#2355460",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355460"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-12905",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-12905"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-12905",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12905"
        },
        {
          "category": "external",
          "summary": "https://github.com/mafintosh/tar-fs/commit/a1dd7e7c7f4b4a8bd2ab60f513baca573b44e2ed",
          "url": "https://github.com/mafintosh/tar-fs/commit/a1dd7e7c7f4b4a8bd2ab60f513baca573b44e2ed"
        }
      ],
      "release_date": "2025-03-27T16:25:34.410000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-29T15:52:25+00:00",
          "details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:33154"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tar-fs: link following and path traversal via maliciously crafted tar file"
    },
    {
      "cve": "CVE-2024-55565",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "discovery_date": "2024-12-09T02:00:45.255738+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2331063"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in nanoid. Affected versions of nanoid mishandles non-integer values. When nanoid is called with a fractional value, there were a number of undesirable effects:\n\n- In browser and non-secure, the code infinite loops on while (size--)\n- In node, the value of poolOffset becomes fractional, causing calls to nanoid to return zeroes until the pool is next filled: when i is initialized to poolOffset, pool[i] \u0026 63 -\u003e undefined \u0026 63 -\u003e 0\n- If the first call in node is a fractional argument, the initial buffer allocation fails with an error\n\nThe highest impact of this issue system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "nanoid: nanoid mishandles non-integer values",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x"
        ],
        "known_not_affected": [
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-55565"
        },
        {
          "category": "external",
          "summary": "RHBZ#2331063",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331063"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-55565",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-55565"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-55565",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-55565"
        },
        {
          "category": "external",
          "summary": "https://github.com/ai/nanoid/compare/3.3.7...3.3.8",
          "url": "https://github.com/ai/nanoid/compare/3.3.7...3.3.8"
        },
        {
          "category": "external",
          "summary": "https://github.com/ai/nanoid/pull/510",
          "url": "https://github.com/ai/nanoid/pull/510"
        },
        {
          "category": "external",
          "summary": "https://github.com/ai/nanoid/releases/tag/5.0.9",
          "url": "https://github.com/ai/nanoid/releases/tag/5.0.9"
        }
      ],
      "release_date": "2024-12-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-29T15:52:25+00:00",
          "details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:33154"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "nanoid: nanoid mishandles non-integer values"
    },
    {
      "cve": "CVE-2025-5889",
      "cwe": {
        "id": "CWE-1333",
        "name": "Inefficient Regular Expression Complexity"
      },
      "discovery_date": "2025-06-09T19:00:43.176857+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2371270"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial-of-service (DoS) vulnerability has been identified in the brace-expansion JavaScript package. This issue occurs due to inefficient regular expression complexity, which can be exploited by an attacker providing specially crafted input. Such input could lead to excessive processing time and resource consumption, rendering applications that utilize this package unresponsive and causing a denial-of-service condition.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "brace-expansion: juliangruber brace-expansion index.js expand redos",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x"
        ],
        "known_not_affected": [
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-5889"
        },
        {
          "category": "external",
          "summary": "RHBZ#2371270",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2371270"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-5889",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-5889"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5889",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5889"
        },
        {
          "category": "external",
          "summary": "https://gist.github.com/mmmsssttt404/37a40ce7d6e5ca604858fe30814d9466",
          "url": "https://gist.github.com/mmmsssttt404/37a40ce7d6e5ca604858fe30814d9466"
        },
        {
          "category": "external",
          "summary": "https://github.com/juliangruber/brace-expansion/pull/65/commits/a5b98a4f30d7813266b221435e1eaaf25a1b0ac5",
          "url": "https://github.com/juliangruber/brace-expansion/pull/65/commits/a5b98a4f30d7813266b221435e1eaaf25a1b0ac5"
        },
        {
          "category": "external",
          "summary": "https://vuldb.com/?ctiid.311660",
          "url": "https://vuldb.com/?ctiid.311660"
        },
        {
          "category": "external",
          "summary": "https://vuldb.com/?id.311660",
          "url": "https://vuldb.com/?id.311660"
        },
        {
          "category": "external",
          "summary": "https://vuldb.com/?submit.585717",
          "url": "https://vuldb.com/?submit.585717"
        }
      ],
      "release_date": "2025-06-09T18:16:01.889000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-29T15:52:25+00:00",
          "details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:33154"
        },
        {
          "category": "workaround",
          "details": "Currently, no mitigation is available for this vulnerability.",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "brace-expansion: juliangruber brace-expansion index.js expand redos"
    },
    {
      "cve": "CVE-2025-13465",
      "cwe": {
        "id": "CWE-1321",
        "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
      },
      "discovery_date": "2026-01-21T20:01:28.774829+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2431740"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Lodash. A prototype pollution vulnerability in the _.unset and _.omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "lodash: prototype pollution in _.unset and _.omit functions",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue is only exploitable by applications using the _.unset and _.omit functions on an object and allowing user input to determine the path of the property to be removed. This issue only allows the deletion of properties but does not allow overwriting their behavior, limiting the impact to a denial of service. Due to this reason, this vulnerability has been rated with an important severity.\n\nIn Grafana, JavaScript code runs only in the browser, while the server side is all Golang. Therefore, the worst-case scenario is a loss of functionality in the client application inside the browser. To reflect this, the CVSS availability metric and the severity of the Grafana and the Grafana-PCP component have been updated to low and moderate, respectively.\n\nThe lodash dependency is bundled and used by the pcs-web-ui component of the PCS package. In Red Hat Enterprise Linux 8.10, the pcs-web-ui component is no longer included in the PCS package. As a result, RHEL 8.10 does not ship the vulnerable lodash component within PCS and is therefore not-affected by this CVE.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x"
        ],
        "known_not_affected": [
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-13465"
        },
        {
          "category": "external",
          "summary": "RHBZ#2431740",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431740"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-13465",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-13465"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-13465",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13465"
        },
        {
          "category": "external",
          "summary": "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg",
          "url": "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg"
        }
      ],
      "release_date": "2026-01-21T19:05:28.846000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-29T15:52:25+00:00",
          "details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:33154"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, implement strict input validation before passing any property paths to the _.unset and _.omit functions to block attempts to access the prototype chain. Ensure that strings like __proto__, constructor and prototype are blocked, for example.",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "lodash: prototype pollution in _.unset and _.omit functions"
    },
    {
      "cve": "CVE-2025-45768",
      "discovery_date": "2025-07-31T21:01:30.698283+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in pyjwt. The library uses weak encryption, allowing an attacker to potentially decrypt sensitive data. A network-based attacker can exploit this vulnerability without authentication, possibly resulting in a denial of service or data exposure. This weakness stems from the use of inadequate cryptographic algorithms.",
          "title": "Vulnerability description"
        },
        {
          "category": "other",
          "text": "This CVE has been disputed by the PyJWT. The developers of PyJWT confirm that this issue is not a flaw in the library\u0027s function but rather a potential risk if an application developer chooses to use weak, short cryptographic keys.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x"
        ],
        "known_not_affected": [
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-45768"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-45768",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-45768"
        }
      ],
      "release_date": "2025-07-31T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-29T15:52:25+00:00",
          "details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:33154"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 0.0,
            "baseSeverity": "NONE",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "pyjwt: pyjwt Weak Encryption Vulnerability"
    },
    {
      "cve": "CVE-2025-47913",
      "discovery_date": "2025-11-13T22:01:26.092452+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2414943"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests expecting typed replies (e.g., List, Sign). The unmarshal layer produces an unexpected message type, which the client code does not handle, leading to panic(\"unreachable\") or a nil-pointer dereference. A malicious agent or forwarded connection can exploit this to terminate the client process.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability was marked as Important because it allows any malicious or misbehaving SSH agent to force a crash in the client process using a single valid protocol byte. The panic occurs before the client has a chance to validate message structure or recover, which means an attacker controlling\u2014or intercepting\u2014SSH agent traffic can reliably terminate processes that rely on agent interactions. In environments where SSH agents operate over forwarded sockets, shared workspaces, or CI/CD runners, this turns into a reliable, unauthenticated remote denial of service against critical automation or developer tooling. The flaw also stems from unsafe assumptions in the unmarshalling logic, where unexpected but protocol-legal message types drop into \u201cunreachable\u201d code paths instead of being handled gracefully\u2014making it a design-level reliability break rather than a simple error-handling bug. For this reason, it is rated as an important availability-impacting vulnerability rather than a moderate issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x"
        ],
        "known_not_affected": [
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-47913"
        },
        {
          "category": "external",
          "summary": "RHBZ#2414943",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414943"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-47913",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-47913"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-hcg3-q754-cr77",
          "url": "https://github.com/advisories/GHSA-hcg3-q754-cr77"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/700295",
          "url": "https://go.dev/cl/700295"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/75178",
          "url": "https://go.dev/issue/75178"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2025-4116",
          "url": "https://pkg.go.dev/vuln/GO-2025-4116"
        }
      ],
      "release_date": "2025-11-13T21:29:39.907000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-29T15:52:25+00:00",
          "details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:33154"
        },
        {
          "category": "workaround",
          "details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS"
    },
    {
      "cve": "CVE-2025-50181",
      "cwe": {
        "id": "CWE-601",
        "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
      },
      "discovery_date": "2025-06-19T02:00:42.866992+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2373799"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in urllib3. The `PoolManager` class allows redirects to be disabled by configuring retries in a specific manner, effectively bypassing intended HTTP redirection behavior. A network attacker can leverage this configuration to manipulate request flows and disrupt service. This bypass occurs through improper handling of retry parameters during PoolManager instantiation. This issue can reult in a denial of service or unintended data exposure due to altered request destinations.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "urllib3: urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "A flaw was found in the urllib3 library where it could be tricked into disclosing the Proxy-Authorization header to a destination server when a CONNECT tunnel is used. An attacker can set up a malicious redirect to a crafted URL, which, when followed by the client application, will cause the Proxy-Authorization header to be sent to the attacker-controlled server. This leaks sensitive credentials for the proxy. The impact is primarily on confidentiality. While urllib3 is a ubiquitous component, the vulnerability requires a specific scenario where a user is connecting to a proxy that requires authentication and is redirected to a malicious endpoint. This lowers the exploitability compared to a direct, unauthenticated remote attack, thus, warranting a Moderate severity rating.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x"
        ],
        "known_not_affected": [
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-50181"
        },
        {
          "category": "external",
          "summary": "RHBZ#2373799",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373799"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-50181",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-50181",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-50181"
        },
        {
          "category": "external",
          "summary": "https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857",
          "url": "https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857"
        },
        {
          "category": "external",
          "summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-pq67-6m6q-mj2v",
          "url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-pq67-6m6q-mj2v"
        }
      ],
      "release_date": "2025-06-19T01:08:00.340000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-29T15:52:25+00:00",
          "details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:33154"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "urllib3: urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation"
    },
    {
      "cve": "CVE-2025-52555",
      "cwe": {
        "id": "CWE-272",
        "name": "Least Privilege Violation"
      },
      "discovery_date": "2025-06-23T21:07:48.565000+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2374412"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in Ceph was discovered whereby an unprivileged user could change the permissions of a directory owned by the root user, gaining access to the targeted directory. The non-privileged user can escalate privileges to root in a CephFS mounted with ceph-fuse by applying chmod 777 (read, write, and execute for all users) to any directory owned by root. This allows the user to read, write, and execute to that directory even if they were not the original owner. The vulnerability could potentially allow a user to gain unauthorized access or modify critical system data.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "ceph: privilege escalation by unprivileged users in a ceph-fuse mounted CephFS",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x"
        ],
        "known_not_affected": [
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-52555"
        },
        {
          "category": "external",
          "summary": "RHBZ#2374412",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374412"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-52555",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-52555"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52555",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52555"
        },
        {
          "category": "external",
          "summary": "https://github.com/ceph/ceph/pull/60314",
          "url": "https://github.com/ceph/ceph/pull/60314"
        },
        {
          "category": "external",
          "summary": "https://github.com/ceph/ceph/security/advisories/GHSA-89hm-qq33-2fjm",
          "url": "https://github.com/ceph/ceph/security/advisories/GHSA-89hm-qq33-2fjm"
        }
      ],
      "release_date": "2025-06-26T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-29T15:52:25+00:00",
          "details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:33154"
        },
        {
          "category": "workaround",
          "details": "Red Hat Product Security does not have any recommended mitigations at this time. Please update as patched versions become available.",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "ceph: privilege escalation by unprivileged users in a ceph-fuse mounted CephFS"
    },
    {
      "cve": "CVE-2025-59343",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2025-09-24T18:01:19.612438+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2397901"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A symlink validation bypass flaw has been discovered in the npm tar-fs library. Affected versions are vulnerable to a symlink validation bypass if the destination directory is predictable with a specific tarball.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tar-fs: tar-fs symlink validation bypass",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x"
        ],
        "known_not_affected": [
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-59343"
        },
        {
          "category": "external",
          "summary": "RHBZ#2397901",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397901"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-59343",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-59343"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59343",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59343"
        },
        {
          "category": "external",
          "summary": "https://github.com/mafintosh/tar-fs/commit/0bd54cdf06da2b7b5b95cd4b062c9f4e0a8c4e09",
          "url": "https://github.com/mafintosh/tar-fs/commit/0bd54cdf06da2b7b5b95cd4b062c9f4e0a8c4e09"
        },
        {
          "category": "external",
          "summary": "https://github.com/mafintosh/tar-fs/security/advisories/GHSA-vj76-c3g6-qr5v",
          "url": "https://github.com/mafintosh/tar-fs/security/advisories/GHSA-vj76-c3g6-qr5v"
        }
      ],
      "release_date": "2025-09-24T17:43:34.728000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-29T15:52:25+00:00",
          "details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:33154"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tar-fs: tar-fs symlink validation bypass"
    },
    {
      "cve": "CVE-2026-21441",
      "cwe": {
        "id": "CWE-409",
        "name": "Improper Handling of Highly Compressed Data (Data Amplification)"
      },
      "discovery_date": "2026-01-07T23:01:59.422078+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2427726"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "urllib3 is an HTTP client library for Python. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x"
        ],
        "known_not_affected": [
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
          "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-21441"
        },
        {
          "category": "external",
          "summary": "RHBZ#2427726",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427726"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-21441",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441"
        },
        {
          "category": "external",
          "summary": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b",
          "url": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"
        },
        {
          "category": "external",
          "summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99",
          "url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99"
        }
      ],
      "release_date": "2026-01-07T22:09:01.936000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-29T15:52:25+00:00",
          "details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
          "product_ids": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:33154"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:8bcb8976618246bc3c73f7986b7d566d9d26cda16c6043f6820f6efa2f8a3c2c_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:eb16743753a9a8d1c781d211a52e7e7ef1eb85c5d816b1328b48196a330af717_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/grafana-rhel9@sha256:febdc339e022b45a25d0956536adda36c761e71770a0d60475ea7ae4a331d898_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:3a4815d3406f797d153af4ec0f8d599981f44bb7fd98429b3ea8f935b4b96d30_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:44d1c4858b983250a223f56d1dbb4f255bb9c2ac50d0f5dbabdc62f9519789b6_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/keepalived-rhel9@sha256:da760b2fd9c2636f5b82e1d3b332f2efe0bbbbbe0624bf4c912bda10be057fe3_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:57eaf98ed402584fca1e6b804ad97fbf2287219ad617f69c96b0cd48279e7a98_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:be5cbfcebfac4d05e8b1e6c39e00a7571987d1a7efd995b4ea6333c8c0a7e812_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:fe482274c22406b77c3fd4bd4822b10f0d1e94bdc7a69fa1843a2f3d85860c8a_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:14f8f48bbcbd2f61be00cf5cbe636fa13f65404732e115fdb910bbce7578c734_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3b07124326d4fb24eabbc3127068a00a8e54873943a9e4896f276e9be1f5c8bb_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:4c30728f5f5c19a7b570bd677e3733c68dff8d661da292a304318fdc87d235c7_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3068c146d01dd9e5065d4a18158e57be1dbe88d53ecc71b44ab832f359b9537e_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:3529361e69b98fa7875f542d8e2fc90cbbc694b12b442ee354b8c008f623d2f7_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:ee7d1dbad6fbd2a80b00db3cd949bd6b45f17b90aec8400d79c6ee2d6dea1117_ppc64le",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:014266a322f1df6bcec437f06ff66e8dee91a2f84e6a8333b6035b0031a165b6_amd64",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:09c6b326c8582909aac8a4f782ff0ff352cc3347a26f0e282be7537dfa746853_s390x",
            "Red Hat Ceph Storage 7.1:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:eb7dcdf167e1319f218aae5bf042ad79336821e854dfaf6283b38f0b1b186734_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)"
    }
  ]
}

CVE-2026-21441 (GCVE-0-2026-21441)

Vulnerability from cvelistv5 – Published: 2026-01-07 22:09 – Updated: 2026-06-30 12:06

Title

urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

Summary

Severity

8.9 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-409 - Improper Handling of Highly Compressed Data (Data Amplification)

Assigner

GitHub_M

References

114 references

URL	Tags
https://github.com/urllib3/urllib3/security/advis…	x_refsource_CONFIRM
https://github.com/urllib3/urllib3/commit/8864ac4…	x_refsource_MISC
https://lists.debian.org/debian-lts-announce/2026…
https://access.redhat.com/security/cve/CVE-2026-21441	vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2427726	issue-trackingx_refsource_REDHAT
https://security.access.redhat.com/data/csaf/v2/v…	x_sadp-csaf-vex
https://access.redhat.com/errata/RHSA-2026:2911	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:28043	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1485	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:2765	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:2764	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:2760	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1240	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1224	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1226	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1803	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1792	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1791	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1676	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1734	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1735	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1546	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1717	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1712	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1957	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1706	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1704	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1619	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1239	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1089	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1088	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1726	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1086	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1254	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:2728	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:2723	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:2717	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:2718	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1618	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1693	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1674	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1729	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1087	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1241	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1805	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1793	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1794	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:2500	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:2256	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:2900	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:3444	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:3461	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:3462	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:25127	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:8151	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:4466	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:4467	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1599	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1609	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1596	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:3960	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:33154	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1652	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:3406	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1736	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:10184	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:3782	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:2695	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:2106	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:19712	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:3713	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:2456	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:3869	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:3874	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:3884	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1730	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:4185	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:4215	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1942	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:2681	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:2762	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1504	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:6287	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:8500	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:6292	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:14877	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:8501	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:2924	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:2926	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:2925	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:2919	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:2137	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:4271	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:3296	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:2144	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:2139	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:2126	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:5459	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:2563	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:17456	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:17457	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:17460	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:17461	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:17462	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:17463	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1038	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1166	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:0981	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1176	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1041	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1168	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:0990	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:1042	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:28441	vendor-advisoryx_refsource_REDHAT

Impacted products

136 products

Vendor	Product	Version
urllib3	urllib3	Affected: >= 1.22, < 2.6.3
Red Hat	Red Hat Enterprise Linux Server HighAvailability (v. 7 ELS)	cpe:/o:redhat:enterprise_linux:7::server
Red Hat	Red Hat Enterprise Linux Server ResilientStorage (v. 7 ELS)	cpe:/o:redhat:enterprise_linux:7::server
Red Hat	Red Hat OpenStack Platform 17.1	cpe:/a:redhat:openstack:17.1 cpe:/a:redhat:openstack:17.1::el8
Red Hat	RHUI 4 for RHEL 8	cpe:/a:redhat:rhui:4::el8
Red Hat	Red Hat Satellite 6.16 for RHEL 8	cpe:/a:redhat:satellite:6.16::el8 cpe:/a:redhat:satellite_capsule:6.16::el8 cpe:/a:redhat:satellite_utils:6.16::el8
Red Hat	Red Hat Satellite 6.16 for RHEL 9	cpe:/a:redhat:satellite:6.16::el9 cpe:/a:redhat:satellite_capsule:6.16::el9 cpe:/a:redhat:satellite_utils:6.16::el9
Red Hat	Red Hat Satellite 6.17 for RHEL 9	cpe:/a:redhat:satellite:6.17::el9 cpe:/a:redhat:satellite_capsule:6.17::el9 cpe:/a:redhat:satellite_utils:6.17::el9
Red Hat	Red Hat Satellite 6.18 for RHEL 9	cpe:/a:redhat:satellite:6.18::el9 cpe:/a:redhat:satellite_capsule:6.18::el9 cpe:/a:redhat:satellite_maintenance:6.18::el9 cpe:/a:redhat:satellite_utils:6.18::el9
Red Hat	Red Hat Enterprise Linux AppStream (v. 8)	cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux AppStream AUS (v.8.4)	cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)	cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Red Hat	Red Hat Enterprise Linux AppStream AUS (v.8.6)	cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux AppStream E4S (v.8.6)	cpe:/a:redhat:rhel_e4s:8.6::appstream
Red Hat	Red Hat Enterprise Linux AppStream TUS (v.8.6)	cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux AppStream E4S (v.8.8)	cpe:/a:redhat:rhel_e4s:8.8::appstream
Red Hat	Red Hat Enterprise Linux AppStream TUS (v.8.8)	cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux AppStream E4S (v.9.0)	cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux AppStream E4S (v.9.2)	cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux AppStream EUS (v.9.4)	cpe:/a:redhat:rhel_eus:9.4::appstream
Red Hat	Red Hat Enterprise Linux AppStream EUS (v.9.6)	cpe:/a:redhat:rhel_eus:9.6::appstream
Red Hat	Red Hat Enterprise Linux AppStream (v. 9)	cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux BaseOS EUS (v. 10.0)	cpe:/o:redhat:enterprise_linux_eus:10.0
Red Hat	Red Hat Enterprise Linux BaseOS (v. 10)	cpe:/o:redhat:enterprise_linux:10.1
Red Hat	Red Hat Enterprise Linux BaseOS (v. 8)	cpe:/o:redhat:enterprise_linux:8::baseos
Red Hat	Red Hat Enterprise Linux BaseOS AUS (v. 8.2)	cpe:/o:redhat:rhel_aus:8.2::baseos
Red Hat	Red Hat Enterprise Linux BaseOS AUS (v.8.4)	cpe:/o:redhat:rhel_aus:8.4::baseos
Red Hat	Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)	cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
Red Hat	Red Hat Enterprise Linux BaseOS AUS (v.8.6)	cpe:/o:redhat:rhel_aus:8.6::baseos
Red Hat	Red Hat Enterprise Linux BaseOS E4S (v.8.6)	cpe:/o:redhat:rhel_e4s:8.6::baseos
Red Hat	Red Hat Enterprise Linux BaseOS TUS (v.8.6)	cpe:/o:redhat:rhel_tus:8.6::baseos
Red Hat	Red Hat Enterprise Linux BaseOS E4S (v.8.8)	cpe:/o:redhat:rhel_e4s:8.8::baseos
Red Hat	Red Hat Enterprise Linux BaseOS TUS (v.8.8)	cpe:/o:redhat:rhel_tus:8.8::baseos
Red Hat	Red Hat Enterprise Linux BaseOS E4S (v.9.0)	cpe:/o:redhat:rhel_e4s:9.0::baseos
Red Hat	Red Hat Enterprise Linux BaseOS E4S (v.9.2)	cpe:/o:redhat:rhel_e4s:9.2::baseos
Red Hat	Red Hat Enterprise Linux BaseOS EUS (v.9.4)	cpe:/o:redhat:rhel_eus:9.4::baseos
Red Hat	Red Hat Enterprise Linux BaseOS EUS (v.9.6)	cpe:/o:redhat:rhel_eus:9.6::baseos
Red Hat	Red Hat Enterprise Linux BaseOS (v. 9)	cpe:/o:redhat:enterprise_linux:9::baseos
Red Hat	Red Hat Enterprise Linux HighAvailability (v. 8)	cpe:/a:redhat:enterprise_linux:8::highavailability
Red Hat	Red Hat Enterprise Linux High Availability AUS (v.8.4)	cpe:/a:redhat:rhel_aus:8.4::highavailability
Red Hat	Red Hat Enterprise Linux HighAvailability EUS EXTENSION (v.8.4)	cpe:/a:redhat:rhel_eus_long_life:8.4::highavailability
Red Hat	Red Hat Enterprise Linux High Availability E4S (v.8.6)	cpe:/a:redhat:rhel_e4s:8.6::highavailability
Red Hat	Red Hat Enterprise Linux High Availability TUS (v.8.6)	cpe:/a:redhat:rhel_tus:8.6::highavailability
Red Hat	Red Hat Enterprise Linux High Availability E4S (v.8.8)	cpe:/a:redhat:rhel_e4s:8.8::highavailability
Red Hat	Red Hat Enterprise Linux High Availability TUS (v.8.8)	cpe:/a:redhat:rhel_tus:8.8::highavailability
Red Hat	Red Hat Enterprise Linux High Availability E4S (v.9.0)	cpe:/a:redhat:rhel_e4s:9.0::highavailability
Red Hat	Red Hat Enterprise Linux High Availability E4S (v.9.2)	cpe:/a:redhat:rhel_e4s:9.2::highavailability
Red Hat	Red Hat Enterprise Linux High Availability EUS (v.9.4)	cpe:/a:redhat:rhel_eus:9.4::highavailability
Red Hat	Multicluster Global Hub 1.4.5	cpe:/a:redhat:multicluster_globalhub:1.4::el9
Red Hat	Multicluster Global Hub 1.5.4	cpe:/a:redhat:multicluster_globalhub:1.5::el9
Red Hat	Network Observability (NETOBSERV) 1.11.2	cpe:/a:redhat:network_observ_optr:1.11::el9
Red Hat	OpenShift API for Data Protection 1.3	cpe:/a:redhat:openshift_api_data_protection:1.3::el9
Red Hat	Red Hat AI Inference Server 3.2	cpe:/a:redhat:ai_inference_server:3.2::el9
Red Hat	Red Hat Advanced Cluster Management for Kubernetes 2.14	cpe:/a:redhat:acm:2.14::el9
Red Hat	Red Hat Advanced Cluster Management for Kubernetes 2.15	cpe:/a:redhat:acm:2.15::el9
Red Hat	Red Hat Advanced Cluster Security for Kubernetes 4.8	cpe:/a:redhat:advanced_cluster_security:4.8::el8
Red Hat	Red Hat Advanced Cluster Security for Kubernetes 4.9	cpe:/a:redhat:advanced_cluster_security:4.9::el8
Red Hat	Red Hat Ansible Automation Platform 2.4	cpe:/a:redhat:ansible_automation_platform:2.4::el8
Red Hat	Red Hat Ansible Automation Platform 2.5	cpe:/a:redhat:ansible_automation_platform:2.5::el8
Red Hat	Red Hat Ansible Automation Platform 2.6	cpe:/a:redhat:ansible_automation_platform:2.6::el9
Red Hat	Red Hat Ceph Storage 7.1	cpe:/a:redhat:ceph_storage:7.1::el9
Red Hat	Red Hat Ceph Storage 8	cpe:/a:redhat:ceph_storage:8::el9
Red Hat	Red Hat Ceph Storage 9	cpe:/a:redhat:ceph_storage:9::el10
Red Hat	Red Hat Discovery 2	cpe:/a:redhat:discovery:2::el9
Red Hat	Red Hat OpenShift AI 2.25	cpe:/a:redhat:openshift_ai:2.25::el9
Red Hat	Red Hat OpenShift AI 3.3	cpe:/a:redhat:openshift_ai:3.3::el9
Red Hat	Red Hat OpenShift Dev Spaces (RHOSDS) 3.26	cpe:/a:redhat:openshift_devspaces:3.26::el9
Red Hat	Red Hat OpenShift GitOps 1.17	cpe:/a:redhat:openshift_gitops:1.17::el8
Red Hat	Red Hat OpenShift GitOps 1.18	cpe:/a:redhat:openshift_gitops:1.18::el8
Red Hat	Red Hat OpenShift GitOps 1.19	cpe:/a:redhat:openshift_gitops:1.19::el8
Red Hat	Red Hat Quay 3.12	cpe:/a:redhat:quay:3.12::el8
Red Hat	Red Hat Quay 3.13	cpe:/a:redhat:quay:3.13::el8
Red Hat	Red Hat Quay 3.14	cpe:/a:redhat:quay:3.14::el8
Red Hat	Red Hat Quay 3.15	cpe:/a:redhat:quay:3.15::el8
Red Hat	Red Hat Quay 3.16	cpe:/a:redhat:quay:3.16::el9
Red Hat	Red Hat Quay 3.1	cpe:/a:redhat:quay:3.10::el8
Red Hat	Red Hat Satellite 6.18	cpe:/a:redhat:satellite:6.18::el9
Red Hat	Red Hat Trusted Artifact Signer 1.2	cpe:/a:redhat:trusted_artifact_signer:1.2::el9
Red Hat	Red Hat Trusted Artifact Signer 1.3	cpe:/a:redhat:trusted_artifact_signer:1.3::el9
Red Hat	Red Hat Update Infrastructure 5	cpe:/a:redhat:rhui:5::el9
Red Hat	Red Hat Enterprise Linux ResilientStorage (v. 8)	cpe:/a:redhat:enterprise_linux:8::resilientstorage
Red Hat	Red Hat Enterprise Linux ResilientStorage E4S (v.9.0)	cpe:/a:redhat:rhel_e4s:9.0::resilientstorage
Red Hat	Red Hat Enterprise Linux Resilient Storage E4S (v.9.2)	cpe:/a:redhat:rhel_e4s:9.2::resilientstorage
Red Hat	Red Hat Enterprise Linux Resilient Storage EUS (v.9.4)	cpe:/a:redhat:rhel_eus:9.4::resilientstorage
Red Hat	Zero Trust Workload Identity Manager 1	cpe:/a:redhat:zero_trust_workload_identity_manager:1.0::el9
Red Hat	cert-manager operator for Red Hat OpenShift 1.18	cpe:/a:redhat:cert_manager:1.18::el9
Red Hat	mirror registry for Red Hat OpenShift 2.0	cpe:/a:redhat:mirror_registry:2.0::el8
Red Hat	External Secrets Operator for Red Hat OpenShift	cpe:/a:redhat:external_secrets_operator:1
Red Hat	Logging Subsystem for Red Hat OpenShift	cpe:/a:redhat:logging:5
Red Hat	Migration Toolkit for Containers	cpe:/a:redhat:rhmt:1
Red Hat	Migration Toolkit for Virtualization	cpe:/a:redhat:migration_toolkit_virtualization:2
Red Hat	Multiarch Tuning Operator	cpe:/a:redhat:multiarch_tuning_operator
Red Hat	Multicluster Engine for Kubernetes	cpe:/a:redhat:multicluster_engine
Red Hat	OpenShift Developer Tools and Services	cpe:/a:redhat:ocp_tools
Red Hat	OpenShift Lightspeed	cpe:/a:redhat:openshift_lightspeed
Red Hat	OpenShift Pipelines	cpe:/a:redhat:openshift_pipelines:1
Red Hat	OpenShift Serverless	cpe:/a:redhat:serverless:1
Red Hat	Red Hat AI Inference Server	cpe:/a:redhat:ai_inference_server:3
Red Hat	Red Hat Ansible Automation Platform 2	cpe:/a:redhat:ansible_automation_platform:2
Red Hat	Red Hat Ansible Automation Platform Ansible Core 2	cpe:/a:redhat:ansible_core:2
Red Hat	Red Hat build of Quarkus Native builder	cpe:/a:redhat:quarkus:3
Red Hat	Red Hat Certification Program for Red Hat Enterprise Linux 9	cpe:/a:redhat:certifications:9
Red Hat	Red Hat Connectivity Link 1	cpe:/a:redhat:connectivity_link:1
Red Hat	Red Hat Developer Hub	cpe:/a:redhat:rhdh:1
Red Hat	Red Hat Edge Manager preview	cpe:/a:redhat:edge_manager:0
Red Hat	Red Hat Enterprise Linux 10	cpe:/o:redhat:enterprise_linux:10
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9
Red Hat	Red Hat Enterprise Linux AI (RHEL AI) 3	cpe:/a:redhat:enterprise_linux_ai:3
Red Hat	Red Hat Offline Knowledge Portal	cpe:/a:redhat:offline_knowledge_portal:1
Red Hat	Red Hat OpenShift AI (RHOAI)	cpe:/a:redhat:openshift_ai
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4
Red Hat	Red Hat Openshift Data Foundation 4	cpe:/a:redhat:openshift_data_foundation:4
Red Hat	Red Hat OpenShift Dev Spaces	cpe:/a:redhat:openshift_devspaces:3
Red Hat	Red Hat Satellite 6	cpe:/a:redhat:satellite:6
Red Hat	Zero Trust Workload Identity Manager - Tech Preview	cpe:/a:redhat:zero_trust_workload_identity_manager:0
Red Hat	Assisted Installer for Red Hat OpenShift Container Platform 2	cpe:/a:redhat:assisted_installer:2
Red Hat	Confidential Compute Attestation	cpe:/a:redhat:confidential_compute_attestation:1
Red Hat	Dynamic Accelerator Slicer Operator for Red Hat OpenShift	cpe:/a:redhat:dynamic_accelerator_slicer:1
Red Hat	external secrets operator for Red Hat OpenShift - Tech Preview	cpe:/a:redhat:external_secrets_operator:0
Red Hat	Fence Agents Remediation Operator	cpe:/a:redhat:workload_availability_far:0
Red Hat	Node HealthCheck Operator	cpe:/a:redhat:workload_availability_nhc:0
Red Hat	OpenShift API for Data Protection	cpe:/a:redhat:openshift_api_data_protection:1
Red Hat	OpenShift Service Mesh 2	cpe:/a:redhat:service_mesh:2
Red Hat	OpenShift Service Mesh 3	cpe:/a:redhat:service_mesh:3
Red Hat	Red Hat Advanced Cluster Management for Kubernetes 2	cpe:/a:redhat:acm:2
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat OpenShift GitOps	cpe:/a:redhat:openshift_gitops:1
Red Hat	Red Hat OpenShift Update Service	cpe:/a:redhat:openshift_update_service:5
Red Hat	Red Hat OpenStack Platform 13 (Queens)	cpe:/a:redhat:openstack:13
Red Hat	Red Hat OpenStack Platform 16.2	cpe:/a:redhat:openstack:16.2
Red Hat	Red Hat OpenStack Platform 18.0	cpe:/a:redhat:openstack:18.0
Red Hat	Red Hat Quay 3	cpe:/a:redhat:quay:3
Red Hat	Self Node Remediation Operator	cpe:/a:redhat:workload_availability_snr:0
Red Hat	Service Telemetry Framework 1.5	cpe:/a:redhat:stf:1.5

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-21441",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-08T20:08:04.959214Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-08T20:08:22.320Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2026-01-23T09:07:22.785Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2026/01/msg00017.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:7::server"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux Server HighAvailability (v. 7 ELS)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:7::server"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux Server ResilientStorage (v. 7 ELS)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openstack:17.1",
              "cpe:/a:redhat:openstack:17.1::el8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat OpenStack Platform 17.1",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhui:4::el8"
            ],
            "defaultStatus": "affected",
            "product": "RHUI 4 for RHEL 8",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:satellite:6.16::el8",
              "cpe:/a:redhat:satellite_capsule:6.16::el8",
              "cpe:/a:redhat:satellite_utils:6.16::el8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Satellite 6.16 for RHEL 8",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:satellite:6.16::el9",
              "cpe:/a:redhat:satellite_capsule:6.16::el9",
              "cpe:/a:redhat:satellite_utils:6.16::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Satellite 6.16 for RHEL 9",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:satellite:6.17::el9",
              "cpe:/a:redhat:satellite_capsule:6.17::el9",
              "cpe:/a:redhat:satellite_utils:6.17::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Satellite 6.17 for RHEL 9",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:satellite:6.18::el9",
              "cpe:/a:redhat:satellite_capsule:6.18::el9",
              "cpe:/a:redhat:satellite_maintenance:6.18::el9",
              "cpe:/a:redhat:satellite_utils:6.18::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Satellite 6.18 for RHEL 9",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:enterprise_linux:8::appstream"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux AppStream (v. 8)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_aus:8.4::appstream"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux AppStream AUS (v.8.4)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_aus:8.6::appstream"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux AppStream AUS (v.8.6)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_e4s:8.6::appstream"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux AppStream E4S (v.8.6)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_tus:8.6::appstream"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux AppStream TUS (v.8.6)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_e4s:8.8::appstream"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux AppStream E4S (v.8.8)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_tus:8.8::appstream"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux AppStream TUS (v.8.8)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_e4s:9.0::appstream"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_e4s:9.2::appstream"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_eus:9.4::appstream"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_eus:9.6::appstream"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:enterprise_linux:9::appstream"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux AppStream (v. 9)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux_eus:10.0"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:10.1"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS (v. 10)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:8::baseos"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS (v. 8)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:rhel_aus:8.2::baseos"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:rhel_aus:8.4::baseos"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:rhel_aus:8.6::baseos"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:rhel_e4s:8.6::baseos"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:rhel_tus:8.6::baseos"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:rhel_e4s:8.8::baseos"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:rhel_tus:8.8::baseos"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:rhel_e4s:9.0::baseos"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:rhel_e4s:9.2::baseos"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:rhel_eus:9.4::baseos"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:rhel_eus:9.6::baseos"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:9::baseos"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux BaseOS (v. 9)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:enterprise_linux:8::highavailability"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux HighAvailability (v. 8)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_aus:8.4::highavailability"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux High Availability AUS (v.8.4)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_eus_long_life:8.4::highavailability"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux HighAvailability EUS EXTENSION (v.8.4)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_e4s:8.6::highavailability"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux High Availability E4S (v.8.6)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_tus:8.6::highavailability"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux High Availability TUS (v.8.6)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_e4s:8.8::highavailability"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux High Availability E4S (v.8.8)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_tus:8.8::highavailability"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux High Availability TUS (v.8.8)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_e4s:9.0::highavailability"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux High Availability E4S (v.9.0)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_e4s:9.2::highavailability"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux High Availability E4S (v.9.2)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_eus:9.4::highavailability"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux High Availability EUS (v.9.4)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:multicluster_globalhub:1.4::el9"
            ],
            "defaultStatus": "affected",
            "product": "Multicluster Global Hub 1.4.5",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:multicluster_globalhub:1.5::el9"
            ],
            "defaultStatus": "affected",
            "product": "Multicluster Global Hub 1.5.4",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:network_observ_optr:1.11::el9"
            ],
            "defaultStatus": "affected",
            "product": "Network Observability (NETOBSERV) 1.11.2",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openshift_api_data_protection:1.3::el9"
            ],
            "defaultStatus": "affected",
            "product": "OpenShift API for Data Protection 1.3",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:ai_inference_server:3.2::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat AI Inference Server 3.2",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:acm:2.14::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Advanced Cluster Management for Kubernetes 2.14",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:acm:2.15::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Advanced Cluster Management for Kubernetes 2.15",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:advanced_cluster_security:4.8::el8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Advanced Cluster Security for Kubernetes 4.8",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:advanced_cluster_security:4.9::el8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:ansible_automation_platform:2.4::el8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Ansible Automation Platform 2.4",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:ansible_automation_platform:2.5::el8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Ansible Automation Platform 2.5",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:ansible_automation_platform:2.6::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Ansible Automation Platform 2.6",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:ceph_storage:7.1::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Ceph Storage 7.1",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:ceph_storage:8::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Ceph Storage 8",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:ceph_storage:9::el10"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Ceph Storage 9",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:discovery:2::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Discovery 2",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openshift_ai:2.25::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat OpenShift AI 2.25",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openshift_ai:3.3::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat OpenShift AI 3.3",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openshift_devspaces:3.26::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openshift_gitops:1.17::el8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat OpenShift GitOps 1.17",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openshift_gitops:1.18::el8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat OpenShift GitOps 1.18",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openshift_gitops:1.19::el8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat OpenShift GitOps 1.19",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:quay:3.12::el8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Quay 3.12",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:quay:3.13::el8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Quay 3.13",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:quay:3.14::el8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Quay 3.14",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:quay:3.15::el8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Quay 3.15",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:quay:3.16::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Quay 3.16",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:quay:3.10::el8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Quay 3.1",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:satellite:6.18::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Satellite 6.18",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:trusted_artifact_signer:1.2::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Trusted Artifact Signer 1.2",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:trusted_artifact_signer:1.3::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Trusted Artifact Signer 1.3",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhui:5::el9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Update Infrastructure 5",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:enterprise_linux:8::resilientstorage"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux ResilientStorage (v. 8)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_e4s:9.0::resilientstorage"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux ResilientStorage E4S (v.9.0)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_e4s:9.2::resilientstorage"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux Resilient Storage E4S (v.9.2)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhel_eus:9.4::resilientstorage"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux Resilient Storage EUS (v.9.4)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:zero_trust_workload_identity_manager:1.0::el9"
            ],
            "defaultStatus": "affected",
            "product": "Zero Trust Workload Identity Manager 1",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:cert_manager:1.18::el9"
            ],
            "defaultStatus": "affected",
            "product": "cert-manager operator for Red Hat OpenShift 1.18",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:mirror_registry:2.0::el8"
            ],
            "defaultStatus": "affected",
            "product": "mirror registry for Red Hat OpenShift 2.0",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:external_secrets_operator:1"
            ],
            "defaultStatus": "affected",
            "product": "External Secrets Operator for Red Hat OpenShift",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:logging:5"
            ],
            "defaultStatus": "affected",
            "product": "Logging Subsystem for Red Hat OpenShift",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhmt:1"
            ],
            "defaultStatus": "affected",
            "product": "Migration Toolkit for Containers",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:migration_toolkit_virtualization:2"
            ],
            "defaultStatus": "affected",
            "product": "Migration Toolkit for Virtualization",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:multiarch_tuning_operator"
            ],
            "defaultStatus": "affected",
            "product": "Multiarch Tuning Operator",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:multicluster_engine"
            ],
            "defaultStatus": "affected",
            "product": "Multicluster Engine for Kubernetes",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:ocp_tools"
            ],
            "defaultStatus": "affected",
            "product": "OpenShift Developer Tools and Services",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openshift_lightspeed"
            ],
            "defaultStatus": "affected",
            "product": "OpenShift Lightspeed",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openshift_pipelines:1"
            ],
            "defaultStatus": "affected",
            "product": "OpenShift Pipelines",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:serverless:1"
            ],
            "defaultStatus": "affected",
            "product": "OpenShift Serverless",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:ai_inference_server:3"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat AI Inference Server",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:ansible_automation_platform:2"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Ansible Automation Platform 2",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:ansible_core:2"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Ansible Automation Platform Ansible Core 2",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:quarkus:3"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat build of Quarkus Native builder",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:certifications:9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Certification Program for Red Hat Enterprise Linux 9",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:connectivity_link:1"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Connectivity Link 1",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:rhdh:1"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Developer Hub",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:edge_manager:0"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Edge Manager preview",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:10"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux 10",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:8"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux 8",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux 9",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:enterprise_linux_ai:3"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:offline_knowledge_portal:1"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Offline Knowledge Portal",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openshift_ai"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat OpenShift AI (RHOAI)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openshift:4"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat OpenShift Container Platform 4",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Openshift Data Foundation 4",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openshift_devspaces:3"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat OpenShift Dev Spaces",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:satellite:6"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Satellite 6",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:zero_trust_workload_identity_manager:0"
            ],
            "defaultStatus": "affected",
            "product": "Zero Trust Workload Identity Manager - Tech Preview",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:assisted_installer:2"
            ],
            "defaultStatus": "unaffected",
            "product": "Assisted Installer for Red Hat OpenShift Container Platform 2",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:confidential_compute_attestation:1"
            ],
            "defaultStatus": "unaffected",
            "product": "Confidential Compute Attestation",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:dynamic_accelerator_slicer:1"
            ],
            "defaultStatus": "unaffected",
            "product": "Dynamic Accelerator Slicer Operator for Red Hat OpenShift",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:external_secrets_operator:0"
            ],
            "defaultStatus": "unaffected",
            "product": "external secrets operator for Red Hat OpenShift - Tech Preview",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:workload_availability_far:0"
            ],
            "defaultStatus": "unaffected",
            "product": "Fence Agents Remediation Operator",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:workload_availability_nhc:0"
            ],
            "defaultStatus": "unaffected",
            "product": "Node HealthCheck Operator",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openshift_api_data_protection:1"
            ],
            "defaultStatus": "unaffected",
            "product": "OpenShift API for Data Protection",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:service_mesh:2"
            ],
            "defaultStatus": "unaffected",
            "product": "OpenShift Service Mesh 2",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:service_mesh:3"
            ],
            "defaultStatus": "unaffected",
            "product": "OpenShift Service Mesh 3",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:acm:2"
            ],
            "defaultStatus": "unaffected",
            "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:6"
            ],
            "defaultStatus": "unaffected",
            "product": "Red Hat Enterprise Linux 6",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:7"
            ],
            "defaultStatus": "unaffected",
            "product": "Red Hat Enterprise Linux 7",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openshift_gitops:1"
            ],
            "defaultStatus": "unaffected",
            "product": "Red Hat OpenShift GitOps",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openshift_update_service:5"
            ],
            "defaultStatus": "unaffected",
            "product": "Red Hat OpenShift Update Service",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openstack:13"
            ],
            "defaultStatus": "unaffected",
            "product": "Red Hat OpenStack Platform 13 (Queens)",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openstack:16.2"
            ],
            "defaultStatus": "unaffected",
            "product": "Red Hat OpenStack Platform 16.2",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openstack:18.0"
            ],
            "defaultStatus": "unaffected",
            "product": "Red Hat OpenStack Platform 18.0",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:quay:3"
            ],
            "defaultStatus": "unaffected",
            "product": "Red Hat Quay 3",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:workload_availability_snr:0"
            ],
            "defaultStatus": "unaffected",
            "product": "Self Node Remediation Operator",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:stf:1.5"
            ],
            "defaultStatus": "unaffected",
            "product": "Service Telemetry Framework 1.5",
            "vendor": "Red Hat"
          }
        ],
        "datePublic": "2026-01-07T22:09:01.936Z",
        "descriptions": [
          {
            "lang": "en",
            "value": "urllib3 is an HTTP client library for Python. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source."
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "namespace": "https://access.redhat.com/security/updates/classification/",
                "value": "Important"
              },
              "type": "Red Hat severity rating"
            }
          },
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            },
            "format": "CVSS"
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-409",
                "description": "Improper Handling of Highly Compressed Data (Data Amplification)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-30T12:06:27.462Z",
          "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
          "shortName": "redhat-SADP"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2026-21441"
          },
          {
            "name": "RHBZ#2427726",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427726"
          },
          {
            "tags": [
              "x_sadp-csaf-vex"
            ],
            "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-21441.json"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:2911"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:28043"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1485"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:2765"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:2764"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:2760"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1240"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1224"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1226"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1803"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1792"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1791"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1676"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1734"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1735"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1546"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1717"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1712"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1957"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1706"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1704"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1619"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1239"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1089"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1088"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1726"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1086"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1254"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:2728"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:2723"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:2717"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:2718"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1618"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1693"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1674"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1729"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1087"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1241"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1805"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1793"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1794"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:2500"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:2256"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:2900"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:3444"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:3461"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:3462"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:25127"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:8151"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:4466"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:4467"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1599"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1609"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1596"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:3960"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:33154"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1652"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:3406"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1736"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:10184"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:3782"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:2695"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:2106"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:19712"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:3713"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:2456"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:3869"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:3874"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:3884"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1730"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:4185"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:4215"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1942"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:2681"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:2762"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1504"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:6287"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:8500"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:6292"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:14877"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:8501"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:2924"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:2926"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:2925"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:2919"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:2137"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:4271"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:3296"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:2144"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:2139"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:2126"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:5459"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:2563"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:17456"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:17457"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:17460"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:17461"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:17462"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:17463"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1038"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1166"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:0981"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1176"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1041"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1168"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:0990"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:1042"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:28441"
          }
        ],
        "solutions": [
          {
            "lang": "en",
            "value": "RHSA-2026:2911: Red Hat Enterprise Linux Server HighAvailability (v. 7 ELS), Red Hat Enterprise Linux Server ResilientStorage (v. 7 ELS)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:28043: Red Hat OpenStack Platform 17.1"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1485: RHUI 4 for RHEL 8"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:2765: Red Hat Satellite 6.16 for RHEL 8, Red Hat Satellite 6.16 for RHEL 9"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:2764: Red Hat Satellite 6.17 for RHEL 9"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:2760: Red Hat Satellite 6.18 for RHEL 9"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1240: Red Hat Enterprise Linux AppStream (v. 8), Red Hat Enterprise Linux HighAvailability (v. 8), Red Hat Enterprise Linux ResilientStorage (v. 8)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1224: Red Hat Enterprise Linux AppStream (v. 8)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1226: Red Hat Enterprise Linux AppStream (v. 8)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1803: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4), Red Hat Enterprise Linux High Availability AUS (v.8.4), Red Hat Enterprise Linux HighAvailability EUS EXTENSION (v.8.4)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1792: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6), Red Hat Enterprise Linux High Availability E4S (v.8.6), Red Hat Enterprise Linux High Availability TUS (v.8.6)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1791: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8), Red Hat Enterprise Linux High Availability E4S (v.8.8), Red Hat Enterprise Linux High Availability TUS (v.8.8)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1676: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1734: Red Hat Enterprise Linux AppStream E4S (v.9.0), Red Hat Enterprise Linux High Availability E4S (v.9.0), Red Hat Enterprise Linux ResilientStorage E4S (v.9.0)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1735: Red Hat Enterprise Linux AppStream E4S (v.9.2), Red Hat Enterprise Linux High Availability E4S (v.9.2), Red Hat Enterprise Linux Resilient Storage E4S (v.9.2)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1546: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1717: Red Hat Enterprise Linux AppStream EUS (v.9.4), Red Hat Enterprise Linux High Availability EUS (v.9.4), Red Hat Enterprise Linux Resilient Storage EUS (v.9.4)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1712: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1957: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1706: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1704: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1619: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1239: Red Hat Enterprise Linux AppStream (v. 9)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1089: Red Hat Enterprise Linux AppStream (v. 9)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1088: Red Hat Enterprise Linux AppStream (v. 9)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1726: Red Hat Enterprise Linux BaseOS EUS (v. 10.0)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1086: Red Hat Enterprise Linux BaseOS (v. 10)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1254: Red Hat Enterprise Linux BaseOS (v. 8)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:2728: Red Hat Enterprise Linux BaseOS AUS (v. 8.2)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:2723: Red Hat Enterprise Linux BaseOS AUS (v.8.4), Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:2717: Red Hat Enterprise Linux BaseOS AUS (v.8.6), Red Hat Enterprise Linux BaseOS E4S (v.8.6), Red Hat Enterprise Linux BaseOS TUS (v.8.6)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:2718: Red Hat Enterprise Linux BaseOS E4S (v.8.8), Red Hat Enterprise Linux BaseOS TUS (v.8.8)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1618: Red Hat Enterprise Linux BaseOS E4S (v.9.0)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1693: Red Hat Enterprise Linux BaseOS E4S (v.9.2)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1674: Red Hat Enterprise Linux BaseOS EUS (v.9.4)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1729: Red Hat Enterprise Linux BaseOS EUS (v.9.6)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1087: Red Hat Enterprise Linux BaseOS (v. 9)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1241: Red Hat Enterprise Linux HighAvailability (v. 8), Red Hat Enterprise Linux ResilientStorage (v. 8)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1805: Red Hat Enterprise Linux High Availability AUS (v.8.4), Red Hat Enterprise Linux HighAvailability EUS EXTENSION (v.8.4)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1793: Red Hat Enterprise Linux High Availability E4S (v.8.6), Red Hat Enterprise Linux High Availability TUS (v.8.6)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1794: Red Hat Enterprise Linux High Availability E4S (v.8.8), Red Hat Enterprise Linux High Availability TUS (v.8.8)"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:2500: Multicluster Global Hub 1.4.5"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:2256: Multicluster Global Hub 1.5.4"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:2900: Network Observability (NETOBSERV) 1.11.2"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:3444: OpenShift API for Data Protection 1.3"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:3461: Red Hat AI Inference Server 3.2"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:3462: Red Hat AI Inference Server 3.2"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:25127: Red Hat Advanced Cluster Management for Kubernetes 2.14"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:8151: Red Hat Advanced Cluster Management for Kubernetes 2.15"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:4466: Red Hat Advanced Cluster Security for Kubernetes 4.8"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:4467: Red Hat Advanced Cluster Security for Kubernetes 4.9"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1599: Red Hat Ansible Automation Platform 2.4"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1609: Red Hat Ansible Automation Platform 2.5"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1596: Red Hat Ansible Automation Platform 2.6"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:3960: Red Hat Ansible Automation Platform 2.6"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:33154: Red Hat Ceph Storage 7.1"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1652: Red Hat Ceph Storage 8"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:3406: Red Hat Ceph Storage 9"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1736: Red Hat Discovery 2"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:10184: Red Hat OpenShift AI 2.25"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:3782: Red Hat OpenShift AI 2.25"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:2695: Red Hat OpenShift AI 2.25"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:2106: Red Hat OpenShift AI 2.25"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:19712: Red Hat OpenShift AI 3.3"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:3713: Red Hat OpenShift AI 3.3"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:2456: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:3869: Red Hat OpenShift GitOps 1.17"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:3874: Red Hat OpenShift GitOps 1.18"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:3884: Red Hat OpenShift GitOps 1.19"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1730: Red Hat Quay 3.12"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:4185: Red Hat Quay 3.13"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:4215: Red Hat Quay 3.14"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1942: Red Hat Quay 3.15"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:2681: Red Hat Quay 3.16"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:2762: Red Hat Quay 3.1"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1504: Red Hat Satellite 6.18"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:6287: Red Hat Satellite 6.18"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:8500: Red Hat Satellite 6.18"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:6292: Red Hat Satellite 6.18"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:14877: Red Hat Satellite 6.18"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:8501: Red Hat Satellite 6.18"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:2924: Red Hat Trusted Artifact Signer 1.2"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:2926: Red Hat Trusted Artifact Signer 1.2"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:2925: Red Hat Trusted Artifact Signer 1.2"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:2919: Red Hat Trusted Artifact Signer 1.2"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:2137: Red Hat Trusted Artifact Signer 1.3"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:4271: Red Hat Trusted Artifact Signer 1.3"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:3296: Red Hat Trusted Artifact Signer 1.3"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:2144: Red Hat Trusted Artifact Signer 1.3"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:2139: Red Hat Trusted Artifact Signer 1.3"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:2126: Red Hat Trusted Artifact Signer 1.3"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:5459: Red Hat Trusted Artifact Signer 1.3"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:2563: Red Hat Update Infrastructure 5"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:17456: Zero Trust Workload Identity Manager 1"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:17457: Zero Trust Workload Identity Manager 1"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:17460: Zero Trust Workload Identity Manager 1"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:17461: Zero Trust Workload Identity Manager 1"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:17462: Zero Trust Workload Identity Manager 1"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:17463: Zero Trust Workload Identity Manager 1"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1038: cert-manager operator for Red Hat OpenShift 1.18"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1166: cert-manager operator for Red Hat OpenShift 1.18"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:0981: cert-manager operator for Red Hat OpenShift 1.18"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1176: cert-manager operator for Red Hat OpenShift 1.18"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1041: cert-manager operator for Red Hat OpenShift 1.18"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1168: cert-manager operator for Red Hat OpenShift 1.18"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:0990: cert-manager operator for Red Hat OpenShift 1.18"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:1042: cert-manager operator for Red Hat OpenShift 1.18"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:28441: mirror registry for Red Hat OpenShift 2.0"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2026-01-07T23:01:59.422Z",
            "value": "Reported to Red Hat."
          },
          {
            "lang": "en",
            "time": "2026-01-07T22:09:01.936Z",
            "value": "Made public."
          }
        ],
        "title": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)",
        "x_adpType": "supplier",
        "x_generator": {
          "engine": "sadp-cli 1.0.0"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "urllib3",
          "vendor": "urllib3",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.22, \u003c 2.6.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "urllib3 is an HTTP client library for Python. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 8.9,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-409",
              "description": "CWE-409: Improper Handling of Highly Compressed Data (Data Amplification)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-07T22:13:57.482Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99"
        },
        {
          "name": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"
        }
      ],
      "source": {
        "advisory": "GHSA-38jv-5279-wg99",
        "discovery": "UNKNOWN"
      },
      "title": "urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-21441",
    "datePublished": "2026-01-07T22:09:01.936Z",
    "dateReserved": "2025-12-29T03:00:29.276Z",
    "dateUpdated": "2026-06-30T12:06:27.462Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

RHSA-2026:33154

CVE-2026-21441 (GCVE-0-2026-21441)

Tags

Sightings

Nomenclature