RHSA-2026:4185
Vulnerability from csaf_redhat - Published: 2026-03-10 13:57 - Updated: 2026-03-13 18:32Summary
Red Hat Security Advisory: Red Hat Quay 3.13.11
Notes
Topic
Red Hat Quay 3.13.11 is now available with bug fixes.
Details
Quay 3.13.11
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Quay 3.13.11 is now available with bug fixes.",
"title": "Topic"
},
{
"category": "general",
"text": "Quay 3.13.11",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:4185",
"url": "https://access.redhat.com/errata/RHSA-2026:4185"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15284",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52881",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-65945",
"url": "https://access.redhat.com/security/cve/CVE-2025-65945"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66471",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21441",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24049",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_4185.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Quay 3.13.11",
"tracking": {
"current_release_date": "2026-03-13T18:32:46+00:00",
"generator": {
"date": "2026-03-13T18:32:46+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2026:4185",
"initial_release_date": "2026-03-10T13:57:02+00:00",
"revision_history": [
{
"date": "2026-03-10T13:57:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-03-12T14:13:32+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-13T18:32:46+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Quay 3.13",
"product": {
"name": "Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quay:3.13::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Quay"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3A61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771540384"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771539915"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3Abfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771540464"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771539959"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771860977"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3Ad711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771942423"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3Abb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770071468"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-bundle@sha256%3Aaa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1773092950"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771947506"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1773088862"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771539915"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771539959"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771860977"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771942423"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3Af3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770071468"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3Aff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771947506"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1773088862"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Aca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1771539915"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Afc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1771539959"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3Aaf814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1771860977"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1771942423"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770071468"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3Aba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1771947506"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3Ad1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1773088862"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1771539915"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Afb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1771539959"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3Af0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1771860977"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1771942423"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3Aaddfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770071468"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3Afe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1771947506"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1773088862"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.13"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T13:57:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11358",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4185"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-15284",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-29T23:00:58.541337+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425946"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "qs: qs: Denial of Service via improper input validation in array parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products that utilize the `qs` module for parsing query strings, particularly when processing user-controlled input with bracket notation. The `arrayLimit` option, intended to prevent resource exhaustion, is bypassed when bracket notation (`a[]=value`) is used, allowing a remote attacker to cause a denial of service through memory exhaustion. This can lead to application crashes or unresponsiveness, making the service unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "RHBZ#2425946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425946"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9",
"url": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p",
"url": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p"
}
],
"release_date": "2025-12-29T22:56:45.240000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T13:57:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11358",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4185"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "qs: qs: Denial of Service via improper input validation in array parsing"
},
{
"cve": "CVE-2025-52881",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.652000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404715"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "RHBZ#2404715",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404715"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm",
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/selinux/pull/237",
"url": "https://github.com/opencontainers/selinux/pull/237"
}
],
"release_date": "2025-11-05T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T13:57:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11358",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4185"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using rootless containers, as doing so will block most of the inadvertent writes (runc would run with reduced privileges, making attempts to write to procfs files ineffective).\n* Based on our analysis, neither AppArmor or SELinux can protect against the full version of the redirected write attack. The container runtime is generally privileged enough to write to arbitrary procfs files, which is more than sufficient to cause a container breakout.",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T13:57:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11358",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4185"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-65945",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2025-12-04T19:01:14.733682+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418904"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in auth0/node-jws. This vulnerability allows improper signature verification via using the HS256 (Hash-based Message Authentication Code using SHA-256) algorithm under specific conditions, where applications use the jws.createVerify() function for HMAC (Keyed-Hash Message Authentication Code) algorithms and user-provided data from the JSON (JavaScript Object Notation) Web Signature protected header or payload in HMAC secret lookup routines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-jws: auth0/node-jws: Improper signature verification in HS256 algorithm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-65945"
},
{
"category": "external",
"summary": "RHBZ#2418904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-65945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65945"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-65945",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65945"
},
{
"category": "external",
"summary": "https://github.com/auth0/node-jws/commit/34c45b2c04434f925b638de6a061de9339c0ea2e",
"url": "https://github.com/auth0/node-jws/commit/34c45b2c04434f925b638de6a061de9339c0ea2e"
},
{
"category": "external",
"summary": "https://github.com/auth0/node-jws/security/advisories/GHSA-869p-cjfg-cm3x",
"url": "https://github.com/auth0/node-jws/security/advisories/GHSA-869p-cjfg-cm3x"
}
],
"release_date": "2025-12-04T18:45:37.517000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T13:57:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11358",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4185"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-jws: auth0/node-jws: Improper signature verification in HS256 algorithm"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T13:57:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11358",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4185"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
},
{
"cve": "CVE-2025-66471",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-05T17:02:21.597728+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419467"
}
],
"notes": [
{
"category": "description",
"text": "A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 Streaming API improperly handles highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "RHBZ#2419467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7",
"url": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37"
}
],
"release_date": "2025-12-05T16:06:08.531000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T13:57:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11358",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4185"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 Streaming API improperly handles highly compressed data"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T13:57:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11358",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4185"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
},
{
"cve": "CVE-2026-21441",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-01-07T23:01:59.422078+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427726"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is an HTTP client library for Python. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "RHBZ#2427726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b",
"url": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99"
}
],
"release_date": "2026-01-07T22:09:01.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T13:57:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11358",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4185"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)"
},
{
"cve": "CVE-2026-24049",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-01-22T05:00:54.709179+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431959"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "RHBZ#2431959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24049",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24049"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef",
"url": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/releases/tag/0.46.2",
"url": "https://github.com/pypa/wheel/releases/tag/0.46.2"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx",
"url": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx"
}
],
"release_date": "2026-01-22T04:02:08.706000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T13:57:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11358",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4185"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…