RHSA-2026:6341
Vulnerability from csaf_redhat - Published: 2026-04-01 09:19 - Updated: 2026-04-10 11:59Summary
Red Hat Security Advisory: Red Hat build of Cryostat security update
Severity
Important
Notes
Topic: An update is now available for the Red Hat build of Cryostat 4 on RHEL 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: An update is now available for the Red Hat build of Cryostat 4 on RHEL 9.
Security Fix(es):
* net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6341
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for the Red Hat build of Cryostat 4 on RHEL 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "An update is now available for the Red Hat build of Cryostat 4 on RHEL 9.\n\nSecurity Fix(es):\n\n* net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:6341",
"url": "https://access.redhat.com/errata/RHSA-2026:6341"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_6341.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Cryostat security update",
"tracking": {
"current_release_date": "2026-04-10T11:59:03+00:00",
"generator": {
"date": "2026-04-10T11:59:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2026:6341",
"initial_release_date": "2026-04-01T09:19:49+00:00",
"revision_history": [
{
"date": "2026-04-01T09:19:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-01T09:19:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-10T11:59:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Cryostat 4 on RHEL 9",
"product": {
"name": "Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:cryostat:4::el9"
}
}
}
],
"category": "product_family",
"name": "Cryostat"
},
{
"branches": [
{
"category": "product_version",
"name": "cryostat/cryostat-agent-init-rhel9@sha256:7fed153b85c3e15b93d2b04e7aac14d7169aff25b3d290cf0f8760305beb0b96_amd64",
"product": {
"name": "cryostat/cryostat-agent-init-rhel9@sha256:7fed153b85c3e15b93d2b04e7aac14d7169aff25b3d290cf0f8760305beb0b96_amd64",
"product_id": "cryostat/cryostat-agent-init-rhel9@sha256:7fed153b85c3e15b93d2b04e7aac14d7169aff25b3d290cf0f8760305beb0b96_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-agent-init-rhel9@sha256:7fed153b85c3e15b93d2b04e7aac14d7169aff25b3d290cf0f8760305beb0b96?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-agent-init-rhel9\u0026tag=0.6.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-db-rhel9@sha256:142758ed9e3576cb133c5644caf836ad71e5e0d7b704e628995f4a636464414c_amd64",
"product": {
"name": "cryostat/cryostat-db-rhel9@sha256:142758ed9e3576cb133c5644caf836ad71e5e0d7b704e628995f4a636464414c_amd64",
"product_id": "cryostat/cryostat-db-rhel9@sha256:142758ed9e3576cb133c5644caf836ad71e5e0d7b704e628995f4a636464414c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-db-rhel9@sha256:142758ed9e3576cb133c5644caf836ad71e5e0d7b704e628995f4a636464414c?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-db-rhel9\u0026tag=4.1.1-6"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:6c67ec710591e469014f53621b1977d596cd1b5aaf0c50c71fba5b937f97dab0_amd64",
"product": {
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:6c67ec710591e469014f53621b1977d596cd1b5aaf0c50c71fba5b937f97dab0_amd64",
"product_id": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:6c67ec710591e469014f53621b1977d596cd1b5aaf0c50c71fba5b937f97dab0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-grafana-dashboard-rhel9@sha256:6c67ec710591e469014f53621b1977d596cd1b5aaf0c50c71fba5b937f97dab0?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-grafana-dashboard-rhel9\u0026tag=4.1.1-4"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ce8f7a591e017ab963337694227ed32d75bc4832f3a338159d3011f96859ffd4_amd64",
"product": {
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ce8f7a591e017ab963337694227ed32d75bc4832f3a338159d3011f96859ffd4_amd64",
"product_id": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ce8f7a591e017ab963337694227ed32d75bc4832f3a338159d3011f96859ffd4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-openshift-console-plugin-rhel9@sha256:ce8f7a591e017ab963337694227ed32d75bc4832f3a338159d3011f96859ffd4?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-openshift-console-plugin-rhel9\u0026tag=4.1.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-reports-rhel9@sha256:7856d929beb9198f4d0139825ed65e9b24bb895e910d608ba91d0255f30f9844_amd64",
"product": {
"name": "cryostat/cryostat-reports-rhel9@sha256:7856d929beb9198f4d0139825ed65e9b24bb895e910d608ba91d0255f30f9844_amd64",
"product_id": "cryostat/cryostat-reports-rhel9@sha256:7856d929beb9198f4d0139825ed65e9b24bb895e910d608ba91d0255f30f9844_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-reports-rhel9@sha256:7856d929beb9198f4d0139825ed65e9b24bb895e910d608ba91d0255f30f9844?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-reports-rhel9\u0026tag=4.1.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-rhel9@sha256:51e689ddc03f5cbedb9a25e7001814d87a15be63809e4313027d603e5709d8fc_amd64",
"product": {
"name": "cryostat/cryostat-rhel9@sha256:51e689ddc03f5cbedb9a25e7001814d87a15be63809e4313027d603e5709d8fc_amd64",
"product_id": "cryostat/cryostat-rhel9@sha256:51e689ddc03f5cbedb9a25e7001814d87a15be63809e4313027d603e5709d8fc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel9@sha256:51e689ddc03f5cbedb9a25e7001814d87a15be63809e4313027d603e5709d8fc?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-rhel9\u0026tag=4.1.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-operator-bundle@sha256:46677e38ae7f44d21676b7f44be842fdfa8242c3c96ced432e29c245b2fa483a_amd64",
"product": {
"name": "cryostat/cryostat-operator-bundle@sha256:46677e38ae7f44d21676b7f44be842fdfa8242c3c96ced432e29c245b2fa483a_amd64",
"product_id": "cryostat/cryostat-operator-bundle@sha256:46677e38ae7f44d21676b7f44be842fdfa8242c3c96ced432e29c245b2fa483a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-operator-bundle@sha256:46677e38ae7f44d21676b7f44be842fdfa8242c3c96ced432e29c245b2fa483a?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-operator-bundle\u0026tag=4.1.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-rhel9-operator@sha256:ce134470d6345c43eba1f8b6d585118860ceb9bc5f7dae5d76db55c861e3db3e_amd64",
"product": {
"name": "cryostat/cryostat-rhel9-operator@sha256:ce134470d6345c43eba1f8b6d585118860ceb9bc5f7dae5d76db55c861e3db3e_amd64",
"product_id": "cryostat/cryostat-rhel9-operator@sha256:ce134470d6345c43eba1f8b6d585118860ceb9bc5f7dae5d76db55c861e3db3e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel9-operator@sha256:ce134470d6345c43eba1f8b6d585118860ceb9bc5f7dae5d76db55c861e3db3e?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-rhel9-operator\u0026tag=4.1.1-6"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-storage-rhel9@sha256:1465752cc44bc548eb638a098bb6638b31e1b68f681831d76119529127a7b219_amd64",
"product": {
"name": "cryostat/cryostat-storage-rhel9@sha256:1465752cc44bc548eb638a098bb6638b31e1b68f681831d76119529127a7b219_amd64",
"product_id": "cryostat/cryostat-storage-rhel9@sha256:1465752cc44bc548eb638a098bb6638b31e1b68f681831d76119529127a7b219_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-storage-rhel9@sha256:1465752cc44bc548eb638a098bb6638b31e1b68f681831d76119529127a7b219?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-storage-rhel9\u0026tag=4.1.1-6"
}
}
},
{
"category": "product_version",
"name": "cryostat/jfr-datasource-rhel9@sha256:6e42be9460b630cb44f31b01fc902a6a60a2cf2c28abbec3ecacf268603ae977_amd64",
"product": {
"name": "cryostat/jfr-datasource-rhel9@sha256:6e42be9460b630cb44f31b01fc902a6a60a2cf2c28abbec3ecacf268603ae977_amd64",
"product_id": "cryostat/jfr-datasource-rhel9@sha256:6e42be9460b630cb44f31b01fc902a6a60a2cf2c28abbec3ecacf268603ae977_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jfr-datasource-rhel9@sha256:6e42be9460b630cb44f31b01fc902a6a60a2cf2c28abbec3ecacf268603ae977?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/jfr-datasource-rhel9\u0026tag=4.1.1-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "cryostat/cryostat-agent-init-rhel9@sha256:ea94c84c3d002574b52a6cd077057eb624af4e033f2b0ca17788963bda0b8b99_arm64",
"product": {
"name": "cryostat/cryostat-agent-init-rhel9@sha256:ea94c84c3d002574b52a6cd077057eb624af4e033f2b0ca17788963bda0b8b99_arm64",
"product_id": "cryostat/cryostat-agent-init-rhel9@sha256:ea94c84c3d002574b52a6cd077057eb624af4e033f2b0ca17788963bda0b8b99_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-agent-init-rhel9@sha256:ea94c84c3d002574b52a6cd077057eb624af4e033f2b0ca17788963bda0b8b99?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-agent-init-rhel9\u0026tag=0.6.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-db-rhel9@sha256:7710ba02d26a3511332f53455afa7aff6630a2a16e02906f67ddca87fbdde683_arm64",
"product": {
"name": "cryostat/cryostat-db-rhel9@sha256:7710ba02d26a3511332f53455afa7aff6630a2a16e02906f67ddca87fbdde683_arm64",
"product_id": "cryostat/cryostat-db-rhel9@sha256:7710ba02d26a3511332f53455afa7aff6630a2a16e02906f67ddca87fbdde683_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-db-rhel9@sha256:7710ba02d26a3511332f53455afa7aff6630a2a16e02906f67ddca87fbdde683?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-db-rhel9\u0026tag=4.1.1-6"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:7f297a90fd4d0d006ea0c5c8758cb3cf49d249e9b0a3f40924136fe4f4179460_arm64",
"product": {
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:7f297a90fd4d0d006ea0c5c8758cb3cf49d249e9b0a3f40924136fe4f4179460_arm64",
"product_id": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:7f297a90fd4d0d006ea0c5c8758cb3cf49d249e9b0a3f40924136fe4f4179460_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-grafana-dashboard-rhel9@sha256:7f297a90fd4d0d006ea0c5c8758cb3cf49d249e9b0a3f40924136fe4f4179460?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-grafana-dashboard-rhel9\u0026tag=4.1.1-4"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:49687873862b452e4a3890663d3bbfe95412713088af9a2d5f32d256a4dc3f5e_arm64",
"product": {
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:49687873862b452e4a3890663d3bbfe95412713088af9a2d5f32d256a4dc3f5e_arm64",
"product_id": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:49687873862b452e4a3890663d3bbfe95412713088af9a2d5f32d256a4dc3f5e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-openshift-console-plugin-rhel9@sha256:49687873862b452e4a3890663d3bbfe95412713088af9a2d5f32d256a4dc3f5e?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-openshift-console-plugin-rhel9\u0026tag=4.1.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-reports-rhel9@sha256:655d96e92b777adc08edf16ff72c1cb6622b52a701fd928bd82ff901003f8e07_arm64",
"product": {
"name": "cryostat/cryostat-reports-rhel9@sha256:655d96e92b777adc08edf16ff72c1cb6622b52a701fd928bd82ff901003f8e07_arm64",
"product_id": "cryostat/cryostat-reports-rhel9@sha256:655d96e92b777adc08edf16ff72c1cb6622b52a701fd928bd82ff901003f8e07_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-reports-rhel9@sha256:655d96e92b777adc08edf16ff72c1cb6622b52a701fd928bd82ff901003f8e07?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-reports-rhel9\u0026tag=4.1.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-rhel9@sha256:900f94e2359940f703669dd8c62490a1392afadb666ca1b0b494184772085020_arm64",
"product": {
"name": "cryostat/cryostat-rhel9@sha256:900f94e2359940f703669dd8c62490a1392afadb666ca1b0b494184772085020_arm64",
"product_id": "cryostat/cryostat-rhel9@sha256:900f94e2359940f703669dd8c62490a1392afadb666ca1b0b494184772085020_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel9@sha256:900f94e2359940f703669dd8c62490a1392afadb666ca1b0b494184772085020?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-rhel9\u0026tag=4.1.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-operator-bundle@sha256:0281e3fd6d501df5d67246044f98243e7ed88ee4a61c32b42be261a9aa116290_arm64",
"product": {
"name": "cryostat/cryostat-operator-bundle@sha256:0281e3fd6d501df5d67246044f98243e7ed88ee4a61c32b42be261a9aa116290_arm64",
"product_id": "cryostat/cryostat-operator-bundle@sha256:0281e3fd6d501df5d67246044f98243e7ed88ee4a61c32b42be261a9aa116290_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-operator-bundle@sha256:0281e3fd6d501df5d67246044f98243e7ed88ee4a61c32b42be261a9aa116290?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-operator-bundle\u0026tag=4.1.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-rhel9-operator@sha256:92edd503080b2c35cf513ddbbecacdc0942f9e9b0576c860b373078683503119_arm64",
"product": {
"name": "cryostat/cryostat-rhel9-operator@sha256:92edd503080b2c35cf513ddbbecacdc0942f9e9b0576c860b373078683503119_arm64",
"product_id": "cryostat/cryostat-rhel9-operator@sha256:92edd503080b2c35cf513ddbbecacdc0942f9e9b0576c860b373078683503119_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel9-operator@sha256:92edd503080b2c35cf513ddbbecacdc0942f9e9b0576c860b373078683503119?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-rhel9-operator\u0026tag=4.1.1-6"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-storage-rhel9@sha256:ce8aaa6975d322e9eb9ef2d3b822b2bd29a8d8ebccfe0ec668fd76a57b61a736_arm64",
"product": {
"name": "cryostat/cryostat-storage-rhel9@sha256:ce8aaa6975d322e9eb9ef2d3b822b2bd29a8d8ebccfe0ec668fd76a57b61a736_arm64",
"product_id": "cryostat/cryostat-storage-rhel9@sha256:ce8aaa6975d322e9eb9ef2d3b822b2bd29a8d8ebccfe0ec668fd76a57b61a736_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-storage-rhel9@sha256:ce8aaa6975d322e9eb9ef2d3b822b2bd29a8d8ebccfe0ec668fd76a57b61a736?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-storage-rhel9\u0026tag=4.1.1-6"
}
}
},
{
"category": "product_version",
"name": "cryostat/jfr-datasource-rhel9@sha256:6da38459c39df5db65c75202dcfcd675094590fb4b21ed8c0789b8a16b053016_arm64",
"product": {
"name": "cryostat/jfr-datasource-rhel9@sha256:6da38459c39df5db65c75202dcfcd675094590fb4b21ed8c0789b8a16b053016_arm64",
"product_id": "cryostat/jfr-datasource-rhel9@sha256:6da38459c39df5db65c75202dcfcd675094590fb4b21ed8c0789b8a16b053016_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jfr-datasource-rhel9@sha256:6da38459c39df5db65c75202dcfcd675094590fb4b21ed8c0789b8a16b053016?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/jfr-datasource-rhel9\u0026tag=4.1.1-3"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-agent-init-rhel9@sha256:7fed153b85c3e15b93d2b04e7aac14d7169aff25b3d290cf0f8760305beb0b96_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:7fed153b85c3e15b93d2b04e7aac14d7169aff25b3d290cf0f8760305beb0b96_amd64"
},
"product_reference": "cryostat/cryostat-agent-init-rhel9@sha256:7fed153b85c3e15b93d2b04e7aac14d7169aff25b3d290cf0f8760305beb0b96_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-agent-init-rhel9@sha256:ea94c84c3d002574b52a6cd077057eb624af4e033f2b0ca17788963bda0b8b99_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:ea94c84c3d002574b52a6cd077057eb624af4e033f2b0ca17788963bda0b8b99_arm64"
},
"product_reference": "cryostat/cryostat-agent-init-rhel9@sha256:ea94c84c3d002574b52a6cd077057eb624af4e033f2b0ca17788963bda0b8b99_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-db-rhel9@sha256:142758ed9e3576cb133c5644caf836ad71e5e0d7b704e628995f4a636464414c_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:142758ed9e3576cb133c5644caf836ad71e5e0d7b704e628995f4a636464414c_amd64"
},
"product_reference": "cryostat/cryostat-db-rhel9@sha256:142758ed9e3576cb133c5644caf836ad71e5e0d7b704e628995f4a636464414c_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-db-rhel9@sha256:7710ba02d26a3511332f53455afa7aff6630a2a16e02906f67ddca87fbdde683_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:7710ba02d26a3511332f53455afa7aff6630a2a16e02906f67ddca87fbdde683_arm64"
},
"product_reference": "cryostat/cryostat-db-rhel9@sha256:7710ba02d26a3511332f53455afa7aff6630a2a16e02906f67ddca87fbdde683_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:6c67ec710591e469014f53621b1977d596cd1b5aaf0c50c71fba5b937f97dab0_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:6c67ec710591e469014f53621b1977d596cd1b5aaf0c50c71fba5b937f97dab0_amd64"
},
"product_reference": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:6c67ec710591e469014f53621b1977d596cd1b5aaf0c50c71fba5b937f97dab0_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:7f297a90fd4d0d006ea0c5c8758cb3cf49d249e9b0a3f40924136fe4f4179460_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:7f297a90fd4d0d006ea0c5c8758cb3cf49d249e9b0a3f40924136fe4f4179460_arm64"
},
"product_reference": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:7f297a90fd4d0d006ea0c5c8758cb3cf49d249e9b0a3f40924136fe4f4179460_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:49687873862b452e4a3890663d3bbfe95412713088af9a2d5f32d256a4dc3f5e_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:49687873862b452e4a3890663d3bbfe95412713088af9a2d5f32d256a4dc3f5e_arm64"
},
"product_reference": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:49687873862b452e4a3890663d3bbfe95412713088af9a2d5f32d256a4dc3f5e_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ce8f7a591e017ab963337694227ed32d75bc4832f3a338159d3011f96859ffd4_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ce8f7a591e017ab963337694227ed32d75bc4832f3a338159d3011f96859ffd4_amd64"
},
"product_reference": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ce8f7a591e017ab963337694227ed32d75bc4832f3a338159d3011f96859ffd4_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-operator-bundle@sha256:0281e3fd6d501df5d67246044f98243e7ed88ee4a61c32b42be261a9aa116290_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:0281e3fd6d501df5d67246044f98243e7ed88ee4a61c32b42be261a9aa116290_arm64"
},
"product_reference": "cryostat/cryostat-operator-bundle@sha256:0281e3fd6d501df5d67246044f98243e7ed88ee4a61c32b42be261a9aa116290_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-operator-bundle@sha256:46677e38ae7f44d21676b7f44be842fdfa8242c3c96ced432e29c245b2fa483a_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:46677e38ae7f44d21676b7f44be842fdfa8242c3c96ced432e29c245b2fa483a_amd64"
},
"product_reference": "cryostat/cryostat-operator-bundle@sha256:46677e38ae7f44d21676b7f44be842fdfa8242c3c96ced432e29c245b2fa483a_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-reports-rhel9@sha256:655d96e92b777adc08edf16ff72c1cb6622b52a701fd928bd82ff901003f8e07_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:655d96e92b777adc08edf16ff72c1cb6622b52a701fd928bd82ff901003f8e07_arm64"
},
"product_reference": "cryostat/cryostat-reports-rhel9@sha256:655d96e92b777adc08edf16ff72c1cb6622b52a701fd928bd82ff901003f8e07_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-reports-rhel9@sha256:7856d929beb9198f4d0139825ed65e9b24bb895e910d608ba91d0255f30f9844_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:7856d929beb9198f4d0139825ed65e9b24bb895e910d608ba91d0255f30f9844_amd64"
},
"product_reference": "cryostat/cryostat-reports-rhel9@sha256:7856d929beb9198f4d0139825ed65e9b24bb895e910d608ba91d0255f30f9844_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-rhel9-operator@sha256:92edd503080b2c35cf513ddbbecacdc0942f9e9b0576c860b373078683503119_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:92edd503080b2c35cf513ddbbecacdc0942f9e9b0576c860b373078683503119_arm64"
},
"product_reference": "cryostat/cryostat-rhel9-operator@sha256:92edd503080b2c35cf513ddbbecacdc0942f9e9b0576c860b373078683503119_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-rhel9-operator@sha256:ce134470d6345c43eba1f8b6d585118860ceb9bc5f7dae5d76db55c861e3db3e_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:ce134470d6345c43eba1f8b6d585118860ceb9bc5f7dae5d76db55c861e3db3e_amd64"
},
"product_reference": "cryostat/cryostat-rhel9-operator@sha256:ce134470d6345c43eba1f8b6d585118860ceb9bc5f7dae5d76db55c861e3db3e_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-rhel9@sha256:51e689ddc03f5cbedb9a25e7001814d87a15be63809e4313027d603e5709d8fc_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:51e689ddc03f5cbedb9a25e7001814d87a15be63809e4313027d603e5709d8fc_amd64"
},
"product_reference": "cryostat/cryostat-rhel9@sha256:51e689ddc03f5cbedb9a25e7001814d87a15be63809e4313027d603e5709d8fc_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-rhel9@sha256:900f94e2359940f703669dd8c62490a1392afadb666ca1b0b494184772085020_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:900f94e2359940f703669dd8c62490a1392afadb666ca1b0b494184772085020_arm64"
},
"product_reference": "cryostat/cryostat-rhel9@sha256:900f94e2359940f703669dd8c62490a1392afadb666ca1b0b494184772085020_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-storage-rhel9@sha256:1465752cc44bc548eb638a098bb6638b31e1b68f681831d76119529127a7b219_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:1465752cc44bc548eb638a098bb6638b31e1b68f681831d76119529127a7b219_amd64"
},
"product_reference": "cryostat/cryostat-storage-rhel9@sha256:1465752cc44bc548eb638a098bb6638b31e1b68f681831d76119529127a7b219_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-storage-rhel9@sha256:ce8aaa6975d322e9eb9ef2d3b822b2bd29a8d8ebccfe0ec668fd76a57b61a736_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:ce8aaa6975d322e9eb9ef2d3b822b2bd29a8d8ebccfe0ec668fd76a57b61a736_arm64"
},
"product_reference": "cryostat/cryostat-storage-rhel9@sha256:ce8aaa6975d322e9eb9ef2d3b822b2bd29a8d8ebccfe0ec668fd76a57b61a736_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/jfr-datasource-rhel9@sha256:6da38459c39df5db65c75202dcfcd675094590fb4b21ed8c0789b8a16b053016_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:6da38459c39df5db65c75202dcfcd675094590fb4b21ed8c0789b8a16b053016_arm64"
},
"product_reference": "cryostat/jfr-datasource-rhel9@sha256:6da38459c39df5db65c75202dcfcd675094590fb4b21ed8c0789b8a16b053016_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/jfr-datasource-rhel9@sha256:6e42be9460b630cb44f31b01fc902a6a60a2cf2c28abbec3ecacf268603ae977_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:6e42be9460b630cb44f31b01fc902a6a60a2cf2c28abbec3ecacf268603ae977_amd64"
},
"product_reference": "cryostat/jfr-datasource-rhel9@sha256:6e42be9460b630cb44f31b01fc902a6a60a2cf2c28abbec3ecacf268603ae977_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:7fed153b85c3e15b93d2b04e7aac14d7169aff25b3d290cf0f8760305beb0b96_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:ea94c84c3d002574b52a6cd077057eb624af4e033f2b0ca17788963bda0b8b99_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:142758ed9e3576cb133c5644caf836ad71e5e0d7b704e628995f4a636464414c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:7710ba02d26a3511332f53455afa7aff6630a2a16e02906f67ddca87fbdde683_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:6c67ec710591e469014f53621b1977d596cd1b5aaf0c50c71fba5b937f97dab0_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:7f297a90fd4d0d006ea0c5c8758cb3cf49d249e9b0a3f40924136fe4f4179460_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:49687873862b452e4a3890663d3bbfe95412713088af9a2d5f32d256a4dc3f5e_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ce8f7a591e017ab963337694227ed32d75bc4832f3a338159d3011f96859ffd4_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:0281e3fd6d501df5d67246044f98243e7ed88ee4a61c32b42be261a9aa116290_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:46677e38ae7f44d21676b7f44be842fdfa8242c3c96ced432e29c245b2fa483a_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:655d96e92b777adc08edf16ff72c1cb6622b52a701fd928bd82ff901003f8e07_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:7856d929beb9198f4d0139825ed65e9b24bb895e910d608ba91d0255f30f9844_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:92edd503080b2c35cf513ddbbecacdc0942f9e9b0576c860b373078683503119_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:ce134470d6345c43eba1f8b6d585118860ceb9bc5f7dae5d76db55c861e3db3e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:51e689ddc03f5cbedb9a25e7001814d87a15be63809e4313027d603e5709d8fc_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:900f94e2359940f703669dd8c62490a1392afadb666ca1b0b494184772085020_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:6da38459c39df5db65c75202dcfcd675094590fb4b21ed8c0789b8a16b053016_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:6e42be9460b630cb44f31b01fc902a6a60a2cf2c28abbec3ecacf268603ae977_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:1465752cc44bc548eb638a098bb6638b31e1b68f681831d76119529127a7b219_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:ce8aaa6975d322e9eb9ef2d3b822b2bd29a8d8ebccfe0ec668fd76a57b61a736_arm64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:7fed153b85c3e15b93d2b04e7aac14d7169aff25b3d290cf0f8760305beb0b96_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:ea94c84c3d002574b52a6cd077057eb624af4e033f2b0ca17788963bda0b8b99_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:142758ed9e3576cb133c5644caf836ad71e5e0d7b704e628995f4a636464414c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:7710ba02d26a3511332f53455afa7aff6630a2a16e02906f67ddca87fbdde683_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:6c67ec710591e469014f53621b1977d596cd1b5aaf0c50c71fba5b937f97dab0_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:7f297a90fd4d0d006ea0c5c8758cb3cf49d249e9b0a3f40924136fe4f4179460_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:49687873862b452e4a3890663d3bbfe95412713088af9a2d5f32d256a4dc3f5e_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ce8f7a591e017ab963337694227ed32d75bc4832f3a338159d3011f96859ffd4_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:0281e3fd6d501df5d67246044f98243e7ed88ee4a61c32b42be261a9aa116290_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:46677e38ae7f44d21676b7f44be842fdfa8242c3c96ced432e29c245b2fa483a_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:655d96e92b777adc08edf16ff72c1cb6622b52a701fd928bd82ff901003f8e07_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:7856d929beb9198f4d0139825ed65e9b24bb895e910d608ba91d0255f30f9844_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:92edd503080b2c35cf513ddbbecacdc0942f9e9b0576c860b373078683503119_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:ce134470d6345c43eba1f8b6d585118860ceb9bc5f7dae5d76db55c861e3db3e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:51e689ddc03f5cbedb9a25e7001814d87a15be63809e4313027d603e5709d8fc_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:900f94e2359940f703669dd8c62490a1392afadb666ca1b0b494184772085020_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:6da38459c39df5db65c75202dcfcd675094590fb4b21ed8c0789b8a16b053016_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:6e42be9460b630cb44f31b01fc902a6a60a2cf2c28abbec3ecacf268603ae977_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-01T09:19:49+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:1465752cc44bc548eb638a098bb6638b31e1b68f681831d76119529127a7b219_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:ce8aaa6975d322e9eb9ef2d3b822b2bd29a8d8ebccfe0ec668fd76a57b61a736_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6341"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:7fed153b85c3e15b93d2b04e7aac14d7169aff25b3d290cf0f8760305beb0b96_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:ea94c84c3d002574b52a6cd077057eb624af4e033f2b0ca17788963bda0b8b99_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:142758ed9e3576cb133c5644caf836ad71e5e0d7b704e628995f4a636464414c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:7710ba02d26a3511332f53455afa7aff6630a2a16e02906f67ddca87fbdde683_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:6c67ec710591e469014f53621b1977d596cd1b5aaf0c50c71fba5b937f97dab0_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:7f297a90fd4d0d006ea0c5c8758cb3cf49d249e9b0a3f40924136fe4f4179460_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:49687873862b452e4a3890663d3bbfe95412713088af9a2d5f32d256a4dc3f5e_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ce8f7a591e017ab963337694227ed32d75bc4832f3a338159d3011f96859ffd4_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:0281e3fd6d501df5d67246044f98243e7ed88ee4a61c32b42be261a9aa116290_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:46677e38ae7f44d21676b7f44be842fdfa8242c3c96ced432e29c245b2fa483a_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:655d96e92b777adc08edf16ff72c1cb6622b52a701fd928bd82ff901003f8e07_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:7856d929beb9198f4d0139825ed65e9b24bb895e910d608ba91d0255f30f9844_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:92edd503080b2c35cf513ddbbecacdc0942f9e9b0576c860b373078683503119_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:ce134470d6345c43eba1f8b6d585118860ceb9bc5f7dae5d76db55c861e3db3e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:51e689ddc03f5cbedb9a25e7001814d87a15be63809e4313027d603e5709d8fc_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:900f94e2359940f703669dd8c62490a1392afadb666ca1b0b494184772085020_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:1465752cc44bc548eb638a098bb6638b31e1b68f681831d76119529127a7b219_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:ce8aaa6975d322e9eb9ef2d3b822b2bd29a8d8ebccfe0ec668fd76a57b61a736_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:6da38459c39df5db65c75202dcfcd675094590fb4b21ed8c0789b8a16b053016_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:6e42be9460b630cb44f31b01fc902a6a60a2cf2c28abbec3ecacf268603ae977_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:7fed153b85c3e15b93d2b04e7aac14d7169aff25b3d290cf0f8760305beb0b96_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:ea94c84c3d002574b52a6cd077057eb624af4e033f2b0ca17788963bda0b8b99_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:142758ed9e3576cb133c5644caf836ad71e5e0d7b704e628995f4a636464414c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:7710ba02d26a3511332f53455afa7aff6630a2a16e02906f67ddca87fbdde683_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:6c67ec710591e469014f53621b1977d596cd1b5aaf0c50c71fba5b937f97dab0_amd64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:7f297a90fd4d0d006ea0c5c8758cb3cf49d249e9b0a3f40924136fe4f4179460_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:49687873862b452e4a3890663d3bbfe95412713088af9a2d5f32d256a4dc3f5e_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:ce8f7a591e017ab963337694227ed32d75bc4832f3a338159d3011f96859ffd4_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:0281e3fd6d501df5d67246044f98243e7ed88ee4a61c32b42be261a9aa116290_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:46677e38ae7f44d21676b7f44be842fdfa8242c3c96ced432e29c245b2fa483a_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:655d96e92b777adc08edf16ff72c1cb6622b52a701fd928bd82ff901003f8e07_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:7856d929beb9198f4d0139825ed65e9b24bb895e910d608ba91d0255f30f9844_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:92edd503080b2c35cf513ddbbecacdc0942f9e9b0576c860b373078683503119_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:ce134470d6345c43eba1f8b6d585118860ceb9bc5f7dae5d76db55c861e3db3e_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:51e689ddc03f5cbedb9a25e7001814d87a15be63809e4313027d603e5709d8fc_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:900f94e2359940f703669dd8c62490a1392afadb666ca1b0b494184772085020_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:1465752cc44bc548eb638a098bb6638b31e1b68f681831d76119529127a7b219_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:ce8aaa6975d322e9eb9ef2d3b822b2bd29a8d8ebccfe0ec668fd76a57b61a736_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:6da38459c39df5db65c75202dcfcd675094590fb4b21ed8c0789b8a16b053016_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:6e42be9460b630cb44f31b01fc902a6a60a2cf2c28abbec3ecacf268603ae977_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…