RHSA-2026:5549
Vulnerability from csaf_redhat - Published: 2026-03-24 07:31 - Updated: 2026-03-30 21:45Summary
Red Hat Security Advisory: Red Hat OpenShift Builds 1.6.4
Severity
Important
Notes
Topic: Red Hat OpenShift Builds 1.6.4
Details: Releases of Red Hat OpenShift Builds 1.6.4
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
7.5 (High)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Builds 1.6.3 upgrades to to 1.6.4
https://access.redhat.com/errata/RHSA-2026:5549
Workaround
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.
A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.
7.5 (High)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Builds 1.6.3 upgrades to to 1.6.4
https://access.redhat.com/errata/RHSA-2026:5549
Workaround
To mitigate this vulnerability, implement a timeout in your archive/zip processing logic to abort the operation if it exceeds a few seconds, preventing the application from consuming an excessive amount of resources.
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.
7.5 (High)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Builds 1.6.3 upgrades to to 1.6.4
https://access.redhat.com/errata/RHSA-2026:5549
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and mutates the returned Config, or uses Config.GetConfigForClient. This can cause a client to resume a session with a server that it would not have resumed with during the initial handshake, or cause a server to resume a session with a client that it would not have resumed with during the initial handshake.
7.4 (High)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Builds 1.6.3 upgrades to to 1.6.4
https://access.redhat.com/errata/RHSA-2026:5549
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
7.5 (High)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Builds 1.6.3 upgrades to to 1.6.4
https://access.redhat.com/errata/RHSA-2026:5549
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A certificate validation flaw has been discovered in the golang crypto/x509 module. When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.
7.5 (High)
Vendor Fix
It is recommended that existing users of Red Hat OpenShift Builds 1.6.3 upgrades to to 1.6.4
https://access.redhat.com/errata/RHSA-2026:5549
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Builds 1.6.4",
"title": "Topic"
},
{
"category": "general",
"text": "Releases of Red Hat OpenShift Builds 1.6.4",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:5549",
"url": "https://access.redhat.com/errata/RHSA-2026:5549"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61726",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61728",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66471",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68121",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27137",
"url": "https://access.redhat.com/security/cve/CVE-2026-27137"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/builds_for_red_hat_openshift/1.6",
"url": "https://docs.redhat.com/en/documentation/builds_for_red_hat_openshift/1.6"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_5549.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Builds 1.6.4",
"tracking": {
"current_release_date": "2026-03-30T21:45:48+00:00",
"generator": {
"date": "2026-03-30T21:45:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2026:5549",
"initial_release_date": "2026-03-24T07:31:25+00:00",
"revision_history": [
{
"date": "2026-03-24T07:31:25+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-03-24T07:31:29+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-30T21:45:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Builds 1.6.4",
"product": {
"name": "Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_builds:1.6::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Builds"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-controller-rhel9@sha256%3A3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773920797"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-git-cloner-rhel9@sha256%3A86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773920861"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-bundler-rhel9@sha256%3Ae7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773921337"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-processing-rhel9@sha256%3Ad3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773921036"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-rhel9-operator@sha256%3Aabc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1774304869"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-operator-bundle@sha256%3Ab5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1774334986"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-shared-resource-rhel9@sha256%3A0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773931994"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-shared-resource-webhook-rhel9@sha256%3A391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773931788"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-waiters-rhel9@sha256%3Aa716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1774334066"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-webhook-rhel9@sha256%3A1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773921206"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-controller-rhel9@sha256%3A6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773920797"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-git-cloner-rhel9@sha256%3A84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773920861"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-bundler-rhel9@sha256%3A942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773921337"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-processing-rhel9@sha256%3A7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773921036"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-rhel9-operator@sha256%3Aace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1774304869"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-shared-resource-rhel9@sha256%3Aea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773931994"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-shared-resource-webhook-rhel9@sha256%3A1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773931788"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-waiters-rhel9@sha256%3A10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1774334066"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-webhook-rhel9@sha256%3A19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773921206"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-controller-rhel9@sha256%3A658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773920797"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-git-cloner-rhel9@sha256%3A0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773920861"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-bundler-rhel9@sha256%3A6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773921337"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-processing-rhel9@sha256%3A21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773921036"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-rhel9-operator@sha256%3Aa753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1774304869"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-shared-resource-rhel9@sha256%3Ae1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773931994"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-shared-resource-webhook-rhel9@sha256%3Ad6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773931788"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-waiters-rhel9@sha256%3A1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1774334066"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-webhook-rhel9@sha256%3A8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773921206"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-controller-rhel9@sha256%3A9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773920797"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-git-cloner-rhel9@sha256%3A9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773920861"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-bundler-rhel9@sha256%3A933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773921337"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-processing-rhel9@sha256%3A0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773921036"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-rhel9-operator@sha256%3A846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1774304869"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-shared-resource-rhel9@sha256%3Ad9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773931994"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-shared-resource-webhook-rhel9@sha256%3Ab623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773931788"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-waiters-rhel9@sha256%3A8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1774334066"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-webhook-rhel9@sha256%3A1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds\u0026tag=1773921206"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64 as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64 as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64 as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64 as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64 as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64 as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64 as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64 as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64 as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64 as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64 as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64 as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64 as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64 as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64 as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64 as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64 as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64 as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64 as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le as a component of Red Hat OpenShift Builds 1.6.4",
"product_id": "Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.6.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-24T07:31:25+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Builds 1.6.3 upgrades to to 1.6.4",
"product_ids": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5549"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61728",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:39.965024+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434431"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker needs to be able to process a malicious zip archive with an application using the archive/zip package. Additionally, this vulnerability can cause a Go application to consume an excessive amount of CPU and memory, eventually resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "RHBZ#2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://go.dev/cl/736713",
"url": "https://go.dev/cl/736713"
},
{
"category": "external",
"summary": "https://go.dev/issue/77102",
"url": "https://go.dev/issue/77102"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4342",
"url": "https://pkg.go.dev/vuln/GO-2026-4342"
}
],
"release_date": "2026-01-28T19:30:31.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-24T07:31:25+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Builds 1.6.3 upgrades to to 1.6.4",
"product_ids": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5549"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, implement a timeout in your archive/zip processing logic to abort the operation if it exceeds a few seconds, preventing the application from consuming an excessive amount of resources.",
"product_ids": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip"
},
{
"cve": "CVE-2025-66471",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-05T17:02:21.597728+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419467"
}
],
"notes": [
{
"category": "description",
"text": "A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 Streaming API improperly handles highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "RHBZ#2419467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7",
"url": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37"
}
],
"release_date": "2025-12-05T16:06:08.531000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-24T07:31:25+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Builds 1.6.3 upgrades to to 1.6.4",
"product_ids": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5549"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 Streaming API improperly handles highly compressed data"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and mutates the returned Config, or uses Config.GetConfigForClient. This can cause a client to resume a session with a server that it would not have resumed with during the initial handshake, or cause a server to resume a session with a client that it would not have resumed with during the initial handshake.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: Unexpected session resumption in crypto/tls",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-24T07:31:25+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Builds 1.6.3 upgrades to to 1.6.4",
"product_ids": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5549"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: Unexpected session resumption in crypto/tls"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-24T07:31:25+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Builds 1.6.3 upgrades to to 1.6.4",
"product_ids": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5549"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-27137",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-03-06T22:01:38.859733+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445345"
}
],
"notes": [
{
"category": "description",
"text": "A certificate validation flaw has been discovered in the golang crypto/x509 module. When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: Incorrect enforcement of email constraints in crypto/x509",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27137"
},
{
"category": "external",
"summary": "RHBZ#2445345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445345"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27137",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27137"
},
{
"category": "external",
"summary": "https://go.dev/cl/752182",
"url": "https://go.dev/cl/752182"
},
{
"category": "external",
"summary": "https://go.dev/issue/77952",
"url": "https://go.dev/issue/77952"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4599",
"url": "https://pkg.go.dev/vuln/GO-2026-4599"
}
],
"release_date": "2026-03-06T21:28:13.748000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-24T07:31:25+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Builds 1.6.3 upgrades to to 1.6.4",
"product_ids": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5549"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:3e7802fd4777d02152c225bd23d99d3a67301ef7dcc4d86624dc0852905b89c0_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:658118be2dd7dde63668822f2b10bf2155d1a7264435c31e9da01c4eed429a31_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:6ebecac905954551ee9e1d8ace2282305823528e5d81f430020390e6f0146733_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:9f138971e0419cf08273b296c86770a6a8146e96b19f354df51141794cb2dc50_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0c292a7860239fcaf9dc3b99ded7fb3bf35bb04e36419731012a407a055ce93a_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:84a60e844b90441a353b605ec9d893426a2cba422c45306090273a738b029242_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:86dc4e5cb44e3e7519fa3fb4c994b2cc9204117a728c458b3994c8c6dfba372d_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:9a0705a74dbf6f6dc4f202696462940aa8c21358c60678d8c06f39e438ee410d_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:6cad955d303121f214c9200fdded75a18c0ebca4d6676fc49fb82c06fc4790fc_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:933f790fe6a2652dde798dcb39e4daeb6ad2a3b371d3b4930ef4f016a70769ed_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:942b6a4d4299e09ba619144ee216cb5eea73dd8aea6117ae4cb92a82c026c76b_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:e7607a6ca262ba1f9403d8a89e8f9771b84cac45e43eaee739789cf0cb8ebd29_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:0a49e3ed4090ee01e433871ef2765d8c74813333f6a641f2edff6fd56ede8d76_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:21230f1cee5974dc459f4b31f829f942cf27d2b7adf081ade185f78b8554822f_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7aaa6d41e175e70f6a96ee44ba47805987a818858a19517698ec564d2d4c6c61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:d3092e5ad323b1454a7ee54d54ff0aae0f5cb44603a93a80087768e984c917fc_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:b5a49391fd646c612bff8ee78e55f193f17141a3ef567eefdbaa21e9edaf4ed1_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:846cfa73983011c3f351e0584ace035ad06713f78e625e351922c33c31fc35f6_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:a753821c3238712b53436e7689ed0bf6dde224aa9bbcca70c4018709e7391ff5_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:abc4ca39454ce581794f6e80b272878b1aa81636d84933de5de0035888d9e231_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:ace068e3a65adc34ebba6a38242d4bb65e8cdd05c846daadfaa9e687e666b0bb_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a3b22036310909533456be9c03ae6b7b3c5d91b89b245533925cfe81e523d9e_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:d9a636edf9d0ea72339a6cf4af5d343f8ff0723cd466581a80968820405f9a15_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:e1489201089cda6b2b6dfe8b3b74bb4565030586de1ba18888727a5ddba4dea1_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:ea105c68e91862c8d0279240d9d92d1d27b816b49bbf528fb2d30a11343a24d8_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:1cc18f61f97007488f929514f0d96e7ee799cbeb57c8040393510fb5df1308ea_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:391eda856869508163773cf3d8f457bc27bae4619009abab4e1bc95c34013a80_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:b623dd3f2f055038655d3ec62983d6bf7f519d4b2d010c89f2809870ab75c3ff_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d6d1b43384c9532b4d5c0af85df5a6086b986494825216103c02bfe67ddb1f33_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:10cc203162a18a29b59faedf70efbdce132e92f64f915d3265c4fcb44711df9c_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:1beb2ef462b304a691c1bfd855bc6f70d26895a290de7524e0806ea023f92a30_ppc64le",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:8006f2dbeae12667c5a31827ef0f022733a950234cd55a0239334f3003b6e438_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:a716d3e3cc713c7494d0c051d23a872f4d8404f5f2c5226b13c715c901122872_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:19356ed9f617a6fccc1b299c05c07a54d078d1cde15ebe6663e2e11da3b7ac61_arm64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1dad4897c8b22566fd61a83af3ae9f235001d5b8e5cdd40ed6d76bf7f58b508a_amd64",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:1e20f4f7824339c4685afa6e309f8c143c245d824ae7d781488816fa1d62d17c_s390x",
"Red Hat OpenShift Builds 1.6.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:8fa9769e07dd82241952df0f4dd80e3d9671a9df66f0a4390d009123c6f09179_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: Incorrect enforcement of email constraints in crypto/x509"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…