Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-39821

Summary
Assigner-Go
Assigner Org ID-1bb62c36-49e3-4200-9d77-64a1400537cc
Published At-22 May, 2026 | 15:01
Updated At-17 Jul, 2026 | 12:04
Rejected At-
Credits

Invoking failure to reject ASCII-only Punycode-encoded labels in golang.org/x/net/idna

The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode("xn--example-.com") incorrectly returns the name "example.com" rather than an error. This behavior can lead to privilege escalation in programs using the idna package. For example, a program which performs privilege checks on the ASCII hostname may reject "example.com" but permit "xn--example-.com". If that program subsequently converts the ASCII hostname to Unicode, it will inadvertently permits access to the Unicode name "example.com".

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Go
Assigner Org ID:1bb62c36-49e3-4200-9d77-64a1400537cc
Published At:22 May, 2026 | 15:01
Updated At:17 Jul, 2026 | 12:04
Rejected At:
â–¼CVE Numbering Authority (CNA)
Invoking failure to reject ASCII-only Punycode-encoded labels in golang.org/x/net/idna

The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode("xn--example-.com") incorrectly returns the name "example.com" rather than an error. This behavior can lead to privilege escalation in programs using the idna package. For example, a program which performs privilege checks on the ASCII hostname may reject "example.com" but permit "xn--example-.com". If that program subsequently converts the ASCII hostname to Unicode, it will inadvertently permits access to the Unicode name "example.com".

Affected Products
Vendor
golang.org/x/net
Product
golang.org/x/net/idna
Collection URL
https://pkg.go.dev
Package Name
golang.org/x/net/idna
Program Routines
  • Profile.process
  • Profile.ToASCII
  • Profile.ToUnicode
  • ToASCII
  • ToUnicode
Default Status
unaffected
Versions
Affected
  • From 0 before 0.55.0 (semver)
Problem Types
TypeCWE IDDescription
N/AN/ACWE-1289: Improper Validation of Unsafe Equivalence in Input
Type: N/A
CWE ID: N/A
Description: CWE-1289: Improper Validation of Unsafe Equivalence in Input
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

KC1zs4 (https://github.com/KC1zs4)
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://go.dev/cl/767220
N/A
https://go.dev/issue/78760
N/A
https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8
N/A
https://pkg.go.dev/vuln/GO-2026-5026
N/A
Hyperlink: https://go.dev/cl/767220
Resource: N/A
Hyperlink: https://go.dev/issue/78760
Resource: N/A
Hyperlink: https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8
Resource: N/A
Hyperlink: https://pkg.go.dev/vuln/GO-2026-5026
Resource: N/A
â–¼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-1289CWE-1289 Improper Validation of Unsafe Equivalence in Input
Type: CWE
CWE ID: CWE-1289
Description: CWE-1289 Improper Validation of Unsafe Equivalence in Input
Metrics
VersionBase scoreBase severityVector
3.19.6CRITICAL
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
Version: 3.1
Base score: 9.6
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
2. golang.org/x/net/idna: golang: net/http: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing

A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.

Affected Products
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
git-lfs
CPEs
  • cpe:/o:redhat:enterprise_linux:10.2
Default Status
affected
Versions
Unaffected
  • From 0:3.7.1-5.el10_2.5 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
opentelemetry-collector
CPEs
  • cpe:/o:redhat:enterprise_linux:10.2
Default Status
affected
Versions
Unaffected
  • From 0:0.152.1-1.el10_2 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
grafana-pcp
CPEs
  • cpe:/o:redhat:enterprise_linux:10.2
Default Status
affected
Versions
Unaffected
  • From 0:5.3.0-7.el10_2 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
grafana
CPEs
  • cpe:/o:redhat:enterprise_linux:10.2
Default Status
affected
Versions
Unaffected
  • From 0:10.2.6-27.el10_2 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
golang
CPEs
  • cpe:/o:redhat:enterprise_linux:10.2
Default Status
affected
Versions
Unaffected
  • From 0:1.26.5-1.el10_2 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhc
CPEs
  • cpe:/o:redhat:enterprise_linux:10.2
Default Status
affected
Versions
Unaffected
  • From 1:0.3.8-6.el10_2 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
yggdrasil
CPEs
  • cpe:/o:redhat:enterprise_linux:10.2
Default Status
affected
Versions
Unaffected
  • From 0:0.4.9.2-1.el10_2 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 8
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
git-lfs
CPEs
  • cpe:/a:redhat:enterprise_linux:8
Default Status
affected
Versions
Unaffected
  • From 0:3.4.1-11.el8_10 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 8
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
grafana
CPEs
  • cpe:/a:redhat:enterprise_linux:8
Default Status
affected
Versions
Unaffected
  • From 0:9.2.10-31.el8_10 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 8
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
grafana-pcp
CPEs
  • cpe:/a:redhat:enterprise_linux:8
Default Status
affected
Versions
Unaffected
  • From 0:5.1.1-16.el8_10 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 8
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
go-toolset:rhel8
CPEs
  • cpe:/a:redhat:enterprise_linux:8
Default Status
affected
Versions
Unaffected
  • From 8100020260710105056.a3795dee before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
git-lfs
CPEs
  • cpe:/a:redhat:enterprise_linux:9
Default Status
affected
Versions
Unaffected
  • From 0:3.7.1-4.el9_8.1 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
opentelemetry-collector
CPEs
  • cpe:/a:redhat:enterprise_linux:9
Default Status
affected
Versions
Unaffected
  • From 0:0.152.1-1.el9_8 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
grafana
CPEs
  • cpe:/a:redhat:enterprise_linux:9
Default Status
affected
Versions
Unaffected
  • From 0:10.2.6-23.el9_8 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
grafana-pcp
CPEs
  • cpe:/a:redhat:enterprise_linux:9
Default Status
affected
Versions
Unaffected
  • From 0:5.1.1-17.el9_8 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
golang
CPEs
  • cpe:/a:redhat:enterprise_linux:9
Default Status
affected
Versions
Unaffected
  • From 0:1.26.5-1.el9_8 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhc
CPEs
  • cpe:/a:redhat:enterprise_linux:9
Default Status
affected
Versions
Unaffected
  • From 1:0.2.7-8.el9_8 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4.22
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
ose-azure-acr-image-credential-provider
CPEs
  • cpe:/a:redhat:openshift:4.22::el8
Default Status
affected
Versions
Unaffected
  • From 0:4.22.0-202606291123.p2.ga17a3e3.assembly.stream.el8 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
RHEM 1.0 for RHEL 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
flightctl
CPEs
  • cpe:/a:redhat:edge_manager:1.0::el9
Default Status
affected
Versions
Unaffected
  • From 0:1.0.3-1.el9em before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
RHEM 1.1 for RHEL 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
flightctl
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el10
Default Status
affected
Versions
Unaffected
  • From 0:1.1.3-1.el10em before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
RHEM 1.1 for RHEL 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
flightctl
CPEs
  • cpe:/a:redhat:edge_manager:1.1:el9
Default Status
affected
Versions
Unaffected
  • From 0:1.1.3-1.el9em before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Cluster Observability Operator 1.5.0
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9
CPEs
  • cpe:/a:redhat:cluster_observability_operator:1.5::el9
Default Status
affected
Versions
Unaffected
  • From 1782840519 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Cluster Observability Operator 1.5.0
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
cluster-observability-operator/distributed-tracing-console-plugin-pf5-rhel9
CPEs
  • cpe:/a:redhat:cluster_observability_operator:1.5::el9
Default Status
affected
Versions
Unaffected
  • From 1782839981 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Cluster Observability Operator 1.5.0
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
cluster-observability-operator/distributed-tracing-console-plugin-pf6-rhel9
CPEs
  • cpe:/a:redhat:cluster_observability_operator:1.5::el9
Default Status
affected
Versions
Unaffected
  • From 1782839193 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Cluster Observability Operator 1.5.0
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
cluster-observability-operator/distributed-tracing-console-plugin-rhel9
CPEs
  • cpe:/a:redhat:cluster_observability_operator:1.5::el9
Default Status
affected
Versions
Unaffected
  • From 1782838753 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Cluster Observability Operator 1.5.0
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
cluster-observability-operator/logging-console-plugin-pf4-rhel9
CPEs
  • cpe:/a:redhat:cluster_observability_operator:1.5::el9
Default Status
affected
Versions
Unaffected
  • From 1782839279 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Cluster Observability Operator 1.5.0
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
cluster-observability-operator/logging-console-plugin-pf5-rhel9
CPEs
  • cpe:/a:redhat:cluster_observability_operator:1.5::el9
Default Status
affected
Versions
Unaffected
  • From 1782840539 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Cluster Observability Operator 1.5.0
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
cluster-observability-operator/monitoring-console-plugin-pf5-rhel9
CPEs
  • cpe:/a:redhat:cluster_observability_operator:1.5::el9
Default Status
affected
Versions
Unaffected
  • From 1782844225 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Cluster Observability Operator 1.5.0
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
cluster-observability-operator/monitoring-console-plugin-pf6-rhel9
CPEs
  • cpe:/a:redhat:cluster_observability_operator:1.5::el9
Default Status
affected
Versions
Unaffected
  • From 1782839658 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Cluster Observability Operator 1.5.0
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
cluster-observability-operator/monitoring-console-plugin-rhel9
CPEs
  • cpe:/a:redhat:cluster_observability_operator:1.5::el9
Default Status
affected
Versions
Unaffected
  • From 1782838476 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
DevWorkspace Operator 0.42
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
devworkspace/devworkspace-rhel9-operator
CPEs
  • cpe:/a:redhat:devworkspace:0.42::el9
Default Status
affected
Versions
Unaffected
  • From 1782401674 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Logging Subsystem for Red Hat OpenShift 6.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
openshift-logging/eventrouter-rhel9
CPEs
  • cpe:/a:redhat:logging:6.4::el9
Default Status
affected
Versions
Unaffected
  • From 1782408807 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
multicluster engine for Kubernetes 2.6
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
multicluster-engine/assisted-service-8-rhel8
CPEs
  • cpe:/a:redhat:multicluster_engine:2.6::el8
Default Status
affected
Versions
Unaffected
  • From 1783332008 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
multicluster engine for Kubernetes 2.6
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
multicluster-engine/assisted-service-9-rhel9
CPEs
  • cpe:/a:redhat:multicluster_engine:2.6::el9
Default Status
affected
Versions
Unaffected
  • From 1783333268 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
multicluster engine for Kubernetes 2.6
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
multicluster-engine/discovery-rhel9
CPEs
  • cpe:/a:redhat:multicluster_engine:2.6::el9
Default Status
affected
Versions
Unaffected
  • From 1782916619 before * (rpm)
  • From 1783985999 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
multicluster engine for Kubernetes 2.8
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
multicluster-engine/kube-rbac-proxy-mce-rhel9
CPEs
  • cpe:/a:redhat:multicluster_engine:2.8::el9
Default Status
affected
Versions
Unaffected
  • From 1782477094 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
multicluster engine for Kubernetes 2.8
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
multicluster-engine/multicloud-manager-rhel9
CPEs
  • cpe:/a:redhat:multicluster_engine:2.8::el9
Default Status
affected
Versions
Unaffected
  • From 1782308518 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
multicluster engine for Kubernetes 2.9
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
multicluster-engine/discovery-rhel9
CPEs
  • cpe:/a:redhat:multicluster_engine:2.9::el9
Default Status
affected
Versions
Unaffected
  • From 1783260894 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Multicluster Global Hub 1.4.5
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
multicluster-globalhub/multicluster-globalhub-agent-rhel9
CPEs
  • cpe:/a:redhat:multicluster_globalhub:1.4::el9
Default Status
affected
Versions
Unaffected
  • From 1784061472 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2.13
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhacm2/acm-grafana-rhel9
CPEs
  • cpe:/a:redhat:acm:2.13::el9
Default Status
affected
Versions
Unaffected
  • From 1782383730 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2.13
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhacm2/acm-multicluster-observability-addon-rhel9
CPEs
  • cpe:/a:redhat:acm:2.13::el9
Default Status
affected
Versions
Unaffected
  • From 1782156698 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2.13
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhacm2/acm-prometheus-config-reloader-rhel9
CPEs
  • cpe:/a:redhat:acm:2.13::el9
Default Status
affected
Versions
Unaffected
  • From 1782157632 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2.13
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhacm2/acm-prometheus-rhel9
CPEs
  • cpe:/a:redhat:acm:2.13::el9
Default Status
affected
Versions
Unaffected
  • From 1782157829 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2.13
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhacm2/cluster-backup-rhel9-operator
CPEs
  • cpe:/a:redhat:acm:2.13::el9
Default Status
affected
Versions
Unaffected
  • From 1782157630 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2.13
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhacm2/endpoint-monitoring-rhel9-operator
CPEs
  • cpe:/a:redhat:acm:2.13::el9
Default Status
affected
Versions
Unaffected
  • From 1782382580 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2.13
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhacm2/grafana-dashboard-loader-rhel9
CPEs
  • cpe:/a:redhat:acm:2.13::el9
Default Status
affected
Versions
Unaffected
  • From 1782383255 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2.13
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhacm2/kube-rbac-proxy-rhel9
CPEs
  • cpe:/a:redhat:acm:2.13::el9
Default Status
affected
Versions
Unaffected
  • From 1782488873 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2.13
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhacm2/kube-state-metrics-rhel9
CPEs
  • cpe:/a:redhat:acm:2.13::el9
Default Status
affected
Versions
Unaffected
  • From 1782157507 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2.13
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhacm2/metrics-collector-rhel9
CPEs
  • cpe:/a:redhat:acm:2.13::el9
Default Status
affected
Versions
Unaffected
  • From 1782396604 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2.13
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhacm2/multicluster-observability-rhel9-operator
CPEs
  • cpe:/a:redhat:acm:2.13::el9
Default Status
affected
Versions
Unaffected
  • From 1782382711 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2.13
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhacm2/node-exporter-rhel9
CPEs
  • cpe:/a:redhat:acm:2.13::el9
Default Status
affected
Versions
Unaffected
  • From 1782157546 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2.13
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhacm2/observatorium-rhel9
CPEs
  • cpe:/a:redhat:acm:2.13::el9
Default Status
affected
Versions
Unaffected
  • From 1782157471 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2.13
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhacm2/observatorium-rhel9-operator
CPEs
  • cpe:/a:redhat:acm:2.13::el9
Default Status
affected
Versions
Unaffected
  • From 1782157018 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2.13
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhacm2/prometheus-alertmanager-rhel9
CPEs
  • cpe:/a:redhat:acm:2.13::el9
Default Status
affected
Versions
Unaffected
  • From 1782156920 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2.13
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhacm2/prometheus-rhel9
CPEs
  • cpe:/a:redhat:acm:2.13::el9
Default Status
affected
Versions
Unaffected
  • From 1782374537 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2.13
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhacm2/rbac-query-proxy-rhel9
CPEs
  • cpe:/a:redhat:acm:2.13::el9
Default Status
affected
Versions
Unaffected
  • From 1782383676 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2.13
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhacm2/thanos-receive-controller-rhel9
CPEs
  • cpe:/a:redhat:acm:2.13::el9
Default Status
affected
Versions
Unaffected
  • From 1782156860 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2.13
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhacm2/thanos-rhel9
CPEs
  • cpe:/a:redhat:acm:2.13::el9
Default Status
affected
Versions
Unaffected
  • From 1782465412 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Security for Kubernetes 4.10
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
advanced-cluster-security/rhacs-main-rhel8
CPEs
  • cpe:/a:redhat:advanced_cluster_security:4.10::el8
Default Status
affected
Versions
Unaffected
  • From 1781686458 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Security for Kubernetes 4.11
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
advanced-cluster-security/rhacs-main-rhel9
CPEs
  • cpe:/a:redhat:advanced_cluster_security:4.11::el9
Default Status
affected
Versions
Unaffected
  • From 1783352589 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Security for Kubernetes 4.9
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
advanced-cluster-security/rhacs-main-rhel8
CPEs
  • cpe:/a:redhat:advanced_cluster_security:4.9::el8
Default Status
affected
Versions
Unaffected
  • From 1781686446 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.0
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-ui-rhel9
CPEs
  • cpe:/a:redhat:edge_manager:1.0::el9
Default Status
affected
Versions
Unaffected
  • From 1783502438 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-ui-rhel10
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el10
Default Status
affected
Versions
Unaffected
  • From 1784194574 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-ui-rhel9
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el9
Default Status
affected
Versions
Unaffected
  • From 1784127736 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux AI 3.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhelai3/disk-image-cuda-rhel9
CPEs
  • cpe:/a:redhat:enterprise_linux_ai:3.4::el9
Default Status
affected
Versions
Unaffected
  • From 1782804957 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux AI 3.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhelai3/bootc-aws-cuda-rhel9
CPEs
  • cpe:/a:redhat:enterprise_linux_ai:3.4::el9
Default Status
affected
Versions
Unaffected
  • From 1782758407 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux AI 3.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhelai3/bootc-azure-cuda-rhel9
CPEs
  • cpe:/a:redhat:enterprise_linux_ai:3.4::el9
Default Status
affected
Versions
Unaffected
  • From 1782758410 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux AI 3.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhelai3/bootc-azure-rocm-rhel9
CPEs
  • cpe:/a:redhat:enterprise_linux_ai:3.4::el9
Default Status
affected
Versions
Unaffected
  • From 1782754093 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux AI 3.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhelai3/bootc-cuda-rhel9
CPEs
  • cpe:/a:redhat:enterprise_linux_ai:3.4::el9
Default Status
affected
Versions
Unaffected
  • From 1782744816 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux AI 3.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhelai3/bootc-gcp-cuda-rhel9
CPEs
  • cpe:/a:redhat:enterprise_linux_ai:3.4::el9
Default Status
affected
Versions
Unaffected
  • From 1782758409 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux AI 3.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhelai3/bootc-rocm-rhel9
CPEs
  • cpe:/a:redhat:enterprise_linux_ai:3.4::el9
Default Status
affected
Versions
Unaffected
  • From 1782744830 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Hardened Images
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
golang1-25-main
CPEs
  • cpe:/a:redhat:hummingbird:1
Default Status
affected
Versions
Unaffected
  • From 1.25.11-2.hum1 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Hardened Images
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
golang1-26-main
CPEs
  • cpe:/a:redhat:hummingbird:1
Default Status
affected
Versions
Unaffected
  • From 1.26.4-2.hum1 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Builds 1.7.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
openshift-builds/openshift-builds-controller-rhel9
CPEs
  • cpe:/a:redhat:openshift_builds:1.7::el9
Default Status
affected
Versions
Unaffected
  • From 1783057515 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Builds 1.7.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
openshift-builds/openshift-builds-waiters-rhel9
CPEs
  • cpe:/a:redhat:openshift_builds:1.7::el9
Default Status
affected
Versions
Unaffected
  • From 1783057868 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Builds 1.8.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
openshift-builds/openshift-builds-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_builds:1.8::el9
Default Status
affected
Versions
Unaffected
  • From 1784121108 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Builds 1.8.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
openshift-builds/openshift-builds-waiters-rhel9
CPEs
  • cpe:/a:redhat:openshift_builds:1.8::el9
Default Status
affected
Versions
Unaffected
  • From 1783612119 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/cephcsi-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782932114 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/cephcsi-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782931768 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/devicefinder-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782932104 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/mcg-core-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1783536000 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/mcg-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1783535989 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/ocs-client-console-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1783536515 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/ocs-client-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782932521 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/ocs-metrics-exporter-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1783018461 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/ocs-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1783018421 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-blackbox-exporter-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782932812 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-cli-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1783537001 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-cloudnative-pg-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782932919 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-console-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1783537586 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-cosi-sidecar-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782932969 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-csi-addons-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782933015 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-csi-addons-sidecar-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782933042 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-drbd-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1783537392 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-external-snapshotter-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782933235 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-external-snapshotter-sidecar-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782933251 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-multicluster-console-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1783537955 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-multicluster-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782933417 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-must-gather-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1783537742 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782933602 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odr-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1783019377 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odr-volsync-plugin-mover-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782934054 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odr-volsync-plugin-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782934036 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/rook-ceph-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782934284 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Dev Spaces 3.29
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
devspaces/udi-rhel9
CPEs
  • cpe:/a:redhat:openshift_devspaces:3.29::el9
Default Status
affected
Versions
Unaffected
  • From 1782991491 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift GitOps 1.19
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
openshift-gitops-1/dex-rhel8
CPEs
  • cpe:/a:redhat:openshift_gitops:1.19::el8
Default Status
affected
Versions
Unaffected
  • From 1782292352 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift GitOps 1.20
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
openshift-gitops-1/dex-rhel9
CPEs
  • cpe:/a:redhat:openshift_gitops:1.20::el9
Default Status
affected
Versions
Unaffected
  • From 1782383826 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Service Mesh 2.6
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
openshift-service-mesh/kiali-rhel8
CPEs
  • cpe:/a:redhat:service_mesh:2.6::el8
Default Status
affected
Versions
Unaffected
  • From 1782287580 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Service Mesh 3
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
openshift-service-mesh/kiali-rhel9
CPEs
  • cpe:/a:redhat:service_mesh:3.0::el9
Default Status
affected
Versions
Unaffected
  • From 1782201833 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Service Mesh 3.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
openshift-service-mesh/kiali-rhel9
CPEs
  • cpe:/a:redhat:service_mesh:3.1::el9
Default Status
affected
Versions
Unaffected
  • From 1782201537 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Service Mesh 3.2
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
openshift-service-mesh/kiali-rhel9
CPEs
  • cpe:/a:redhat:service_mesh:3.2::el9
Default Status
affected
Versions
Unaffected
  • From 1782201812 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Service Mesh 3.3
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
openshift-service-mesh/kiali-rhel9
CPEs
  • cpe:/a:redhat:service_mesh:3.3::el9
Default Status
affected
Versions
Unaffected
  • From 1782201466 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Quay 3.10
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
quay/quay-rhel8
CPEs
  • cpe:/a:redhat:quay:3.10::el8
Default Status
affected
Versions
Unaffected
  • From 1783750447 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Quay 3.16
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
quay/quay-rhel9
CPEs
  • cpe:/a:redhat:quay:3.16::el9
Default Status
affected
Versions
Unaffected
  • From 1783955846 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Quay 3.9
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
quay/quay-rhel8
CPEs
  • cpe:/a:redhat:quay:3.9::el8
Default Status
affected
Versions
Unaffected
  • From 1784125838 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Artifact Signer 1.4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
conforma-cli-stack-v1
CPEs
  • cpe:/a:redhat:trusted_artifact_signer:1.4::el9
Default Status
affected
Versions
Unaffected
  • From 4-1.4.2 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Assisted Installer for Red Hat OpenShift Container Platform 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhai/assisted-installer-rhel9
CPEs
  • cpe:/a:redhat:assisted_installer:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
cert-manager Operator for Red Hat OpenShift
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
cert-manager/jetstack-cert-manager-rhel9
CPEs
  • cpe:/a:redhat:cert_manager:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Compliance Operator
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
compliance/openshift-compliance-operator-bundle
CPEs
  • cpe:/a:redhat:openshift_compliance_operator:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Confidential Compute Attestation
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
build-of-trustee/trustee-rhel9-operator
CPEs
  • cpe:/a:redhat:confidential_compute_attestation:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Confidential Compute Attestation
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-sandboxed-containers/osc-monitor-rhel9
CPEs
  • cpe:/a:redhat:confidential_compute_attestation:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Cryostat 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
cryostat/cryostat-storage-rhel9
CPEs
  • cpe:/a:redhat:cryostat:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Deployment Validation Operator
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
dvo/deployment-validation-rhel8-operator
CPEs
  • cpe:/a:redhat:deployment_validator_operator
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
External Secrets Operator for Red Hat OpenShift
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
external-secrets-operator/external-secrets-rhel9
CPEs
  • cpe:/a:redhat:external_secrets_operator:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Fence Agents Remediation Operator
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
workload-availability/fence-agents-remediation-rhel8-operator
CPEs
  • cpe:/a:redhat:workload_availability_far:0
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
File Integrity Operator
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
compliance/openshift-compliance-operator-bundle
CPEs
  • cpe:/a:redhat:openshift_file_integrity_operator:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Gatekeeper 3
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
gatekeeper/gatekeeper-rhel9-operator
CPEs
  • cpe:/a:redhat:gatekeeper:3
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Logical Volume Manager Storage
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
lvms4/lvms-rhel9-operator
CPEs
  • cpe:/a:redhat:lvms:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Logical Volume Manager Storage
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
lvms4/topolvm-rhel8
CPEs
  • cpe:/a:redhat:lvms:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Logical Volume Manager Storage
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
lvms4/topolvm-rhel9
CPEs
  • cpe:/a:redhat:lvms:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Machine Deletion Remediation Operator
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
workload-availability/machine-deletion-remediation-rhel8-operator
CPEs
  • cpe:/a:redhat:workload_availability_mdr:0
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Migration Toolkit for Applications 8
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
mta/mta-cli-rhel9
CPEs
  • cpe:/a:redhat:migration_toolkit_applications:8
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Migration Toolkit for Containers
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhmtc/openshift-migration-controller-rhel8
CPEs
  • cpe:/a:redhat:rhmt:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Multiarch Tuning Operator
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
multiarch-tuning/multiarch-tuning-rhel9-operator
CPEs
  • cpe:/a:redhat:multiarch_tuning_operator
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Multicluster Engine for Kubernetes
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
multicluster-engine/addon-manager-rhel9
CPEs
  • cpe:/a:redhat:multicluster_engine
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Multicluster Engine for Kubernetes
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
multicluster-engine/assisted-installer-agent-rhel9
CPEs
  • cpe:/a:redhat:multicluster_engine
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Multicluster Engine for Kubernetes
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
multicluster-engine/assisted-installer-controller-rhel9
CPEs
  • cpe:/a:redhat:multicluster_engine
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Multicluster Engine for Kubernetes
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
multicluster-engine/assisted-installer-rhel9
CPEs
  • cpe:/a:redhat:multicluster_engine
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Multicluster Engine for Kubernetes
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
multicluster-engine/backplane-rhel9-operator
CPEs
  • cpe:/a:redhat:multicluster_engine
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Multicluster Engine for Kubernetes
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
multicluster-engine/cluster-api-provider-agent-rhel9
CPEs
  • cpe:/a:redhat:multicluster_engine
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Multicluster Engine for Kubernetes
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
multicluster-engine/cluster-api-provider-kubevirt-rhel9
CPEs
  • cpe:/a:redhat:multicluster_engine
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Multicluster Engine for Kubernetes
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
multicluster-engine/clusterclaims-controller-rhel9
CPEs
  • cpe:/a:redhat:multicluster_engine
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Multicluster Engine for Kubernetes
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
multicluster-engine/cluster-curator-controller-rhel9
CPEs
  • cpe:/a:redhat:multicluster_engine
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Multicluster Engine for Kubernetes
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
multicluster-engine/cluster-image-set-controller-rhel9
CPEs
  • cpe:/a:redhat:multicluster_engine
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Multicluster Engine for Kubernetes
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
multicluster-engine/clusterlifecycle-state-metrics-rhel9
CPEs
  • cpe:/a:redhat:multicluster_engine
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Multicluster Engine for Kubernetes
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
multicluster-engine/hypershift-addon-rhel9-operator
CPEs
  • cpe:/a:redhat:multicluster_engine
Default Status
unknown
Vendor
Red Hat, Inc.Red Hat
Product
Multicluster Engine for Kubernetes
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
multicluster-engine/image-based-install-rhel9
CPEs
  • cpe:/a:redhat:multicluster_engine
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Multicluster Engine for Kubernetes
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
multicluster-engine/placement-rhel9
CPEs
  • cpe:/a:redhat:multicluster_engine
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Multicluster Engine for Kubernetes
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
multicluster-engine/provider-credential-controller-rhel9
CPEs
  • cpe:/a:redhat:multicluster_engine
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Multicluster Engine for Kubernetes
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
multicluster-engine/registration-operator-rhel9
CPEs
  • cpe:/a:redhat:multicluster_engine
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Multicluster Engine for Kubernetes
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
multicluster-engine/registration-rhel9
CPEs
  • cpe:/a:redhat:multicluster_engine
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Multicluster Engine for Kubernetes
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
multicluster-engine/work-rhel9
CPEs
  • cpe:/a:redhat:multicluster_engine
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Network Observability Operator
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
network-observability/network-observability-cli-rhel9
CPEs
  • cpe:/a:redhat:network_observ_optr:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Node HealthCheck Operator
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
node-healthcheck-operator-tech-preview/node-healthcheck-operator-rhel8
CPEs
  • cpe:/a:redhat:workload_availability_nhc:0
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Node HealthCheck Operator
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
node-healthcheck-operator-tech-preview/node-healthcheck-rhel8-operator
CPEs
  • cpe:/a:redhat:workload_availability_nhc:0
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Node HealthCheck Operator
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
workload-availability/node-healthcheck-rhel8-operator
CPEs
  • cpe:/a:redhat:workload_availability_nhc:0
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
OpenShift API for Data Protection
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
multicluster-engine/hypershift-addon-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_api_data_protection:1
Default Status
unknown
Vendor
Red Hat, Inc.Red Hat
Product
OpenShift API for Data Protection
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
oadp/oadp-velero-rhel9
CPEs
  • cpe:/a:redhat:openshift_api_data_protection:1
Default Status
unknown
Vendor
Red Hat, Inc.Red Hat
Product
OpenShift API for Data Protection
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-hypershift-rhel9
CPEs
  • cpe:/a:redhat:openshift_api_data_protection:1
Default Status
unknown
Vendor
Red Hat, Inc.Red Hat
Product
OpenShift Developer Tools and Services
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
helm
CPEs
  • cpe:/a:redhat:ocp_tools
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
OpenShift Lightspeed
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-lightspeed/lightspeed-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_lightspeed
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
OpenShift Pipelines
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-pipelines-client
CPEs
  • cpe:/a:redhat:openshift_pipelines:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
OpenShift Pipelines
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-pipelines/pipelines-scheduler-rhel9
CPEs
  • cpe:/a:redhat:openshift_pipelines:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
OpenShift Serverless
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
kn-workflow-plugin
CPEs
  • cpe:/a:redhat:serverless:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
OpenShift Serverless
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-serverless-1/kn-plugin-event-sender-rhel9
CPEs
  • cpe:/a:redhat:serverless:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
OpenShift Serverless
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-serverless-1/logic-rhel9-operator
CPEs
  • cpe:/a:redhat:serverless:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
OpenShift Serverless
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-serverless-clients
CPEs
  • cpe:/a:redhat:serverless:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Power monitoring for Red Hat OpenShift
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-power-monitoring/kepler-rhel9
CPEs
  • cpe:/a:redhat:openshift_power_monitoring
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat 3scale API Management Platform 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
3scale-amp2/3scale-rhel7-operator
CPEs
  • cpe:/a:redhat:red_hat_3scale_amp:2
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat 3scale API Management Platform 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
3scale-amp2/3scale-rhel9-operator
CPEs
  • cpe:/a:redhat:red_hat_3scale_amp:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhacm2/acm-cli-rhel9
CPEs
  • cpe:/a:redhat:acm:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhacm2/acm-cluster-permission-rhel9
CPEs
  • cpe:/a:redhat:acm:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhacm2/acm-governance-policy-addon-controller-rhel9
CPEs
  • cpe:/a:redhat:acm:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhacm2/acm-governance-policy-framework-addon-rhel9
CPEs
  • cpe:/a:redhat:acm:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhacm2/acm-must-gather-rhel9
CPEs
  • cpe:/a:redhat:acm:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhacm2/acm-search-indexer-rhel9
CPEs
  • cpe:/a:redhat:acm:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhacm2/acm-search-v2-api-rhel9
CPEs
  • cpe:/a:redhat:acm:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhacm2/acm-search-v2-rhel9
CPEs
  • cpe:/a:redhat:acm:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhacm2/acm-volsync-addon-controller-rhel9
CPEs
  • cpe:/a:redhat:acm:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhacm2/cert-policy-controller-rhel9
CPEs
  • cpe:/a:redhat:acm:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhacm2/config-policy-controller-rhel9
CPEs
  • cpe:/a:redhat:acm:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhacm2/governance-policy-propagator-rhel9
CPEs
  • cpe:/a:redhat:acm:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhacm2/insights-client-rhel9
CPEs
  • cpe:/a:redhat:acm:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhacm2/insights-metrics-rhel9
CPEs
  • cpe:/a:redhat:acm:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhacm2/klusterlet-addon-controller-rhel9
CPEs
  • cpe:/a:redhat:acm:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhacm2/memcached-exporter-rhel9
CPEs
  • cpe:/a:redhat:acm:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhacm2/multicloud-integrations-rhel9
CPEs
  • cpe:/a:redhat:acm:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhacm2/multiclusterhub-rhel9
CPEs
  • cpe:/a:redhat:acm:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhacm2/multicluster-operators-application-rhel9
CPEs
  • cpe:/a:redhat:acm:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhacm2/multicluster-operators-channel-rhel9
CPEs
  • cpe:/a:redhat:acm:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhacm2/multicluster-operators-subscription-rhel9
CPEs
  • cpe:/a:redhat:acm:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhacm2/search-collector-rhel9
CPEs
  • cpe:/a:redhat:acm:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhacm2/subctl-rhel9
CPEs
  • cpe:/a:redhat:acm:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhacm2/submariner-addon-rhel9
CPEs
  • cpe:/a:redhat:acm:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Ansible Automation Platform 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
ansible-automation-platform-26/receptor-rhel9
CPEs
  • cpe:/a:redhat:ansible_automation_platform:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Ansible Automation Platform 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
ansible-automation-platform-27/receptor-rhel9
CPEs
  • cpe:/a:redhat:ansible_automation_platform:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Ansible Automation Platform 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
ansible-automation-platform/platform-operator-bundle
CPEs
  • cpe:/a:redhat:ansible_automation_platform:2
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Ansible Automation Platform 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
automation-gateway-proxy
CPEs
  • cpe:/a:redhat:ansible_automation_platform:2
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Ansible Automation Platform 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
automation-gateway-proxy-openssl30
CPEs
  • cpe:/a:redhat:ansible_automation_platform:2
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Ansible Automation Platform 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
automation-gateway-proxy-openssl32
CPEs
  • cpe:/a:redhat:ansible_automation_platform:2
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Ansible Automation Platform 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
python3.11-galaxy-ng
CPEs
  • cpe:/a:redhat:ansible_automation_platform:2
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Ansible Automation Platform 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
python3.12-galaxy-ng
CPEs
  • cpe:/a:redhat:ansible_automation_platform:2
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Ansible Automation Platform 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
receptor
CPEs
  • cpe:/a:redhat:ansible_automation_platform:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Ceph Storage 5
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhceph/rhceph-5-dashboard-rhel8
CPEs
  • cpe:/a:redhat:ceph_storage:5
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Ceph Storage 6
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhceph/rhceph-6-dashboard-rhel9
CPEs
  • cpe:/a:redhat:ceph_storage:6
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Ceph Storage 8
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhceph/grafana-rhel9
CPEs
  • cpe:/a:redhat:ceph_storage:8
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Ceph Storage 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhceph/alloy-rhel10
CPEs
  • cpe:/a:redhat:ceph_storage:9
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Certification Program for Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
redhat-certification-preflight
CPEs
  • cpe:/a:redhat:certifications:9
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Connectivity Link 1
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhcl-1/authorino-rhel9
CPEs
  • cpe:/a:redhat:connectivity_link:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Developer Hub
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhdh/rhdh-rhel9-operator
CPEs
  • cpe:/a:redhat:rhdh:1
Default Status
unknown
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
buildah
CPEs
  • cpe:/o:redhat:enterprise_linux:10
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
butane
CPEs
  • cpe:/o:redhat:enterprise_linux:10
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
delve
CPEs
  • cpe:/o:redhat:enterprise_linux:10
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
go-fdo-client
CPEs
  • cpe:/o:redhat:enterprise_linux:10
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
go-fdo-server
CPEs
  • cpe:/o:redhat:enterprise_linux:10
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
golang-github-openprinting-ipp-usb
CPEs
  • cpe:/o:redhat:enterprise_linux:10
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
gvisor-tap-vsock
CPEs
  • cpe:/o:redhat:enterprise_linux:10
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
ignition
CPEs
  • cpe:/o:redhat:enterprise_linux:10
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
image-builder
CPEs
  • cpe:/o:redhat:enterprise_linux:10
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
osbuild-composer
CPEs
  • cpe:/o:redhat:enterprise_linux:10
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
podman
CPEs
  • cpe:/o:redhat:enterprise_linux:10
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhc-worker-playbook
CPEs
  • cpe:/o:redhat:enterprise_linux:10
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhel10/bootc-image-builder
CPEs
  • cpe:/o:redhat:enterprise_linux:10
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhel10-eus/rhel-10.0-bootc-image-builder
CPEs
  • cpe:/o:redhat:enterprise_linux:10
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
skopeo
CPEs
  • cpe:/o:redhat:enterprise_linux:10
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
toolbox
CPEs
  • cpe:/o:redhat:enterprise_linux:10
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
trustee
CPEs
  • cpe:/o:redhat:enterprise_linux:10
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
trustee-guest-components
CPEs
  • cpe:/o:redhat:enterprise_linux:10
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 7
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
host-metering
CPEs
  • cpe:/o:redhat:enterprise_linux:7
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 7
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhc
CPEs
  • cpe:/o:redhat:enterprise_linux:7
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 7
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhc-worker-script
CPEs
  • cpe:/o:redhat:enterprise_linux:7
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 8
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
container-tools:rhel8/buildah
CPEs
  • cpe:/o:redhat:enterprise_linux:8
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 8
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
container-tools:rhel8/conmon
CPEs
  • cpe:/o:redhat:enterprise_linux:8
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 8
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
container-tools:rhel8/containernetworking-plugins
CPEs
  • cpe:/o:redhat:enterprise_linux:8
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 8
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
container-tools:rhel8/podman
CPEs
  • cpe:/o:redhat:enterprise_linux:8
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 8
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
container-tools:rhel8/skopeo
CPEs
  • cpe:/o:redhat:enterprise_linux:8
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 8
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
container-tools:rhel8/toolbox
CPEs
  • cpe:/o:redhat:enterprise_linux:8
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 8
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
golang
CPEs
  • cpe:/o:redhat:enterprise_linux:8
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 8
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
osbuild-composer
CPEs
  • cpe:/o:redhat:enterprise_linux:8
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 8
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhc
CPEs
  • cpe:/o:redhat:enterprise_linux:8
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 8
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
weldr-client
CPEs
  • cpe:/o:redhat:enterprise_linux:8
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
buildah
CPEs
  • cpe:/o:redhat:enterprise_linux:9
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
butane
CPEs
  • cpe:/o:redhat:enterprise_linux:9
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
conmon
CPEs
  • cpe:/o:redhat:enterprise_linux:9
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
containernetworking-plugins
CPEs
  • cpe:/o:redhat:enterprise_linux:9
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
gvisor-tap-vsock
CPEs
  • cpe:/o:redhat:enterprise_linux:9
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
ignition
CPEs
  • cpe:/o:redhat:enterprise_linux:9
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
image-builder
CPEs
  • cpe:/o:redhat:enterprise_linux:9
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
osbuild-composer
CPEs
  • cpe:/o:redhat:enterprise_linux:9
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
podman
CPEs
  • cpe:/o:redhat:enterprise_linux:9
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhel9/bootc-image-builder
CPEs
  • cpe:/o:redhat:enterprise_linux:9
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhel9-eus/rhel-9.6-bootc-image-builder
CPEs
  • cpe:/o:redhat:enterprise_linux:9
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
skopeo
CPEs
  • cpe:/o:redhat:enterprise_linux:9
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
toolbox
CPEs
  • cpe:/o:redhat:enterprise_linux:9
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
trustee-guest-components
CPEs
  • cpe:/o:redhat:enterprise_linux:9
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
weldr-client
CPEs
  • cpe:/o:redhat:enterprise_linux:9
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux AI (RHEL AI) 3
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
golang
CPEs
  • cpe:/a:redhat:enterprise_linux_ai:3
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Lightspeed for Runtimes Operator
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator
CPEs
  • cpe:/a:redhat:lightspeed_for_runtimes:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-ai-gateway-payload-processing-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-codeflare-operator-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-data-science-pipelines-argo-argoexec-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-data-science-pipelines-operator-controller-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-eval-hub-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-feast-operator-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-kf-notebook-controller-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-kserve-llmisvc-controller-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-kube-auth-proxy-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-kuberay-operator-controller-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-kueue-controller-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-llama-stack-k8s-operator-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-llm-d-batch-gateway-apiserver-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-llm-d-batch-gateway-gc-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-llm-d-batch-gateway-processor-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-llm-d-inference-scheduler-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-llm-d-routing-sidecar-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-maas-api-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-maas-controller-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-mlflow-operator-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-ml-pipelines-api-server-v2-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-ml-pipelines-driver-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-ml-pipelines-launcher-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-mm-rest-proxy-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-mod-arch-automl-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-mod-arch-autorag-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-mod-arch-eval-hub-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-mod-arch-gen-ai-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-mod-arch-maas-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-mod-arch-mlflow-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-mod-arch-model-registry-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-model-controller-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-modelmesh-runtime-adapter-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-modelmesh-serving-controller-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-model-registry-operator-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-model-registry-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-model-serving-api-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-notebook-controller-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-rhaii-cluster-validator-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-rhel8-operator
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-spark-operator-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-trainer-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-training-operator-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-trustyai-service-operator-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-workload-variant-autoscaler-controller-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/rhai-cli-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Cluster Manager CLI
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
ocm-cli-clients/ocm-cli-rhel9
CPEs
  • cpe:/a:redhat:openshift_cluster_manager_cli:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
atomic-openshift-service-idler
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
butane
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
conmon
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
conmon-rs
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
containernetworking-plugins
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
cri-o
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
cri-tools
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
golang-github-prometheus-promu
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
ignition
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
kata-containers
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
microshift
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/frr-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-cli
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-hypershift-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unknown
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-clients
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-kuryr
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
ose-aws-ecr-image-credential-provider
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
ose-crio-credential-provider
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
ose-gcp-gcr-image-credential-provider
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
podman
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
skopeo
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift for Windows Containers
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4-wincw/windows-machine-config-rhel9-operator
CPEs
  • cpe:/a:redhat:windows_machine_config
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift on AWS
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rosa
CPEs
  • cpe:/a:redhat:openshift_service_on_aws:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Virtualization 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
container-native-virtualization/kubevirt-apiserver-proxy-rhel9
CPEs
  • cpe:/a:redhat:container_native_virtualization:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Virtualization 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
kubevirt
CPEs
  • cpe:/a:redhat:container_native_virtualization:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenStack Platform 16.2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
etcd
CPEs
  • cpe:/a:redhat:openstack:16.2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenStack Platform 16.2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
golang-github-infrawatch-apputils
CPEs
  • cpe:/a:redhat:openstack:16.2
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenStack Platform 16.2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhosp-rhel8/osp-director-agent
CPEs
  • cpe:/a:redhat:openstack:16.2
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenStack Platform 17.1
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
collectd-libpod-stats
CPEs
  • cpe:/a:redhat:openstack:17.1
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenStack Platform 17.1
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
etcd
CPEs
  • cpe:/a:redhat:openstack:17.1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenStack Platform 17.1
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
golang-github-infrawatch-apputils
CPEs
  • cpe:/a:redhat:openstack:17.1
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenStack Platform 17.1
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhosp-rhel9/osp-director-agent
CPEs
  • cpe:/a:redhat:openstack:17.1
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenStack Platform 18.0
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
golang-github-openstack-k8s-operators-os-diff
CPEs
  • cpe:/a:redhat:openstack:18.0
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenStack Platform 18.0
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoso-operators/ovn-rhel9-operator
CPEs
  • cpe:/a:redhat:openstack:18.0
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Satellite 6
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
satellite:el8/yggdrasil-worker-forwarder
CPEs
  • cpe:/a:redhat:satellite:6
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Satellite 6
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
satellite/iop-vmaas-rhel9
CPEs
  • cpe:/a:redhat:satellite:6
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Satellite 6
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
yggdrasil-worker-forwarder
CPEs
  • cpe:/a:redhat:satellite:6
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Service Interconnect 1
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
skupper-cli
CPEs
  • cpe:/a:redhat:service_interconnect:1
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Service Interconnect 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
skupper-cli
CPEs
  • cpe:/a:redhat:service_interconnect:2
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Web Terminal
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
web-terminal/web-terminal-exec-rhel9
CPEs
  • cpe:/a:redhat:webterminal:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Security Profiles Operator
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
compliance/openshift-security-profiles-rhel8-operator
CPEs
  • cpe:/a:redhat:openshift_security_profiles_operator:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
streams for Apache Kafka 3
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
golang-github-danielqsj-kafka_exporter
CPEs
  • cpe:/a:redhat:amq_streams:3
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Zero Trust Workload Identity Manager
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
zero-trust-workload-identity-manager/spiffe-csi-driver-rhel9
CPEs
  • cpe:/a:redhat:zero_trust_workload_identity_manager:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Zero Trust Workload Identity Manager - Tech Preview
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
zero-trust-workload-identity-manager/spiffe-spire-agent-rhel9
CPEs
  • cpe:/a:redhat:zero_trust_workload_identity_manager:0
Default Status
affected
Problem Types
TypeCWE IDDescription
CWECWE-1289Improper Validation of Unsafe Equivalence in Input
Type: CWE
CWE ID: CWE-1289
Description: Improper Validation of Unsafe Equivalence in Input
Metrics
VersionBase scoreBase severityVector
3.18.2HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
Version: 3.1
Base score: 8.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
Metrics Other Info
Red Hat severity rating
value:
Important
namespace:
https://access.redhat.com/security/updates/classification/
Impacts
CAPEC IDDescription
Solutions

RHSA-2026:41019: RHEM 1.1 for RHEL 10, RHEM 1.1 for RHEL 9

RHSA-2026:34789: Red Hat OpenShift Container Platform 4.22

RHSA-2026:36796: RHEM 1.0 for RHEL 9

RHSA-2026:30855: Red Hat Enterprise Linux AppStream (v. 10)

RHSA-2026:37436: Red Hat Enterprise Linux AppStream (v. 10)

RHSA-2026:35827: Red Hat Enterprise Linux AppStream (v. 10)

RHSA-2026:35826: Red Hat Enterprise Linux AppStream (v. 10)

RHSA-2026:34357: Red Hat Enterprise Linux AppStream (v. 10)

RHSA-2026:39005: Red Hat Enterprise Linux AppStream (v. 10)

RHSA-2026:39573: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)

RHSA-2026:38995: Red Hat Enterprise Linux AppStream (v. 8)

RHSA-2026:30853: Red Hat Enterprise Linux AppStream (v. 8)

RHSA-2026:35830: Red Hat Enterprise Linux AppStream (v. 8)

RHSA-2026:35831: Red Hat Enterprise Linux AppStream (v. 8)

RHSA-2026:30854: Red Hat Enterprise Linux AppStream (v. 9)

RHSA-2026:37435: Red Hat Enterprise Linux AppStream (v. 9)

RHSA-2026:35828: Red Hat Enterprise Linux AppStream (v. 9)

RHSA-2026:35829: Red Hat Enterprise Linux AppStream (v. 9)

RHSA-2026:34359: Red Hat Enterprise Linux AppStream (v. 9)

RHSA-2026:39879: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)

RHSA-2026:34342: Cluster Observability Operator 1.5.0

RHSA-2026:36808: DevWorkspace Operator 0.42

RHSA-2026:34364: Logging Subsystem for Red Hat OpenShift 6.4

RHSA-2026:41030: Multicluster Global Hub 1.4.5

RHSA-2026:30651: Red Hat Advanced Cluster Management for Kubernetes 2.13

RHSA-2026:26547: Red Hat Advanced Cluster Security for Kubernetes 4.10

RHSA-2026:36207: Red Hat Advanced Cluster Security for Kubernetes 4.11

RHSA-2026:26546: Red Hat Advanced Cluster Security for Kubernetes 4.9

RHSA-2026:36651: Red Hat Edge Manager 1.0

RHSA-2026:40945: Red Hat Edge Manager 1.1

RHSA-2026:40118: Red Hat Edge Manager 1.1

RHSA-2026:33531: Red Hat Enterprise Linux AI 3.4

RHSA-2026:33524: Red Hat Enterprise Linux AI 3.4

RHSA-2026:23262: Red Hat Hardened Images

RHSA-2026:23264: Red Hat Hardened Images

RHSA-2026:36648: Red Hat OpenShift Builds 1.7.4

RHSA-2026:41036: Red Hat OpenShift Builds 1.8.1

RHSA-2026:36820: Red Hat OpenShift Dev Spaces 3.29

RHSA-2026:35994: Red Hat OpenShift GitOps 1.19

RHSA-2026:35993: Red Hat OpenShift GitOps 1.20

RHSA-2026:33155: Red Hat OpenShift Service Mesh 2.6

RHSA-2026:33163: Red Hat OpenShift Service Mesh 3.1

RHSA-2026:33173: Red Hat OpenShift Service Mesh 3.2

RHSA-2026:33183: Red Hat OpenShift Service Mesh 3.3

RHSA-2026:33160: Red Hat OpenShift Service Mesh 3

RHSA-2026:37387: Red Hat Openshift Data Foundation 4.22

RHSA-2026:41031: Red Hat Quay 3.10

RHSA-2026:41066: Red Hat Quay 3.16

RHSA-2026:40262: Red Hat Quay 3.9

RHSA-2026:36797: Red Hat Trusted Artifact Signer 1.4

RHSA-2026:36105: multicluster engine for Kubernetes 2.6

RHSA-2026:36167: multicluster engine for Kubernetes 2.6

RHSA-2026:41055: multicluster engine for Kubernetes 2.6

RHSA-2026:40119: multicluster engine for Kubernetes 2.6

RHSA-2026:30650: multicluster engine for Kubernetes 2.8

RHSA-2026:36883: multicluster engine for Kubernetes 2.9

Configurations

Workarounds

Upgrade to a fixed golang.org/x/net release that includes the idna correction, via updated golang or dependent package rebuilds.

Exploits

Credits

Timeline
EventDate
Reported to Red Hat.2026-05-22 16:00:52
Made public.2026-05-22 15:01:21
Event: Reported to Red Hat.
Date: 2026-05-22 16:00:52
Event: Made public.
Date: 2026-05-22 15:01:21
Replaced By

Rejected Reason

References
HyperlinkResource
https://access.redhat.com/security/cve/CVE-2026-39821
vdb-entry
x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2480756
issue-tracking
x_refsource_REDHAT
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39821.json
x_sadp-csaf-vex
https://access.redhat.com/errata/RHSA-2026:41019
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:34789
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:36796
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:30855
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:37436
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:35827
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:35826
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:34357
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:39005
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:39573
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:38995
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:30853
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:35830
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:35831
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:30854
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:37435
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:35828
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:35829
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:34359
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:39879
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:34342
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:36808
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:34364
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:41030
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:30651
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:26547
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:36207
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:26546
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:36651
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:40945
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:40118
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:33531
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:33524
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:23262
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:23264
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:36648
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:41036
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:36820
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:35994
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:35993
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:33155
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:33163
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:33173
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:33183
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:33160
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:37387
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:41031
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:41066
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:40262
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:36797
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:36105
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:36167
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:41055
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:40119
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:30650
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:36883
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/security/cve/CVE-2026-39821
Resource:
vdb-entry
x_refsource_REDHAT
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=2480756
Resource:
issue-tracking
x_refsource_REDHAT
Hyperlink: https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39821.json
Resource:
x_sadp-csaf-vex
Hyperlink: https://access.redhat.com/errata/RHSA-2026:41019
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:34789
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36796
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:30855
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:37436
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:35827
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:35826
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:34357
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:39005
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:39573
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:38995
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:30853
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:35830
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:35831
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:30854
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:37435
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:35828
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:35829
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:34359
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:39879
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:34342
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36808
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:34364
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:41030
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:30651
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:26547
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36207
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:26546
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36651
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:40945
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:40118
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:33531
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:33524
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:23262
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:23264
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36648
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:41036
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36820
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:35994
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:35993
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:33155
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:33163
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:33173
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:33183
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:33160
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:37387
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:41031
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:41066
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:40262
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36797
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36105
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36167
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:41055
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:40119
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:30650
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36883
Resource:
vendor-advisory
x_refsource_REDHAT
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@golang.org
Published At:22 May, 2026 | 16:16
Updated At:17 Jul, 2026 | 13:18

The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode("xn--example-.com") incorrectly returns the name "example.com" rather than an error. This behavior can lead to privilege escalation in programs using the idna package. For example, a program which performs privilege checks on the ASCII hostname may reject "example.com" but permit "xn--example-.com". If that program subsequently converts the ASCII hostname to Unicode, it will inadvertently permits access to the Unicode name "example.com".

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.19.6CRITICAL
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
Secondary3.18.2HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
N/A
Type: Secondary
Version: 3.1
Base score: 9.6
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
Type: Secondary
Version: 3.1
Base score: 8.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
CPE Matches

Go
golang
>>net>>Versions before 0.55.0(exclusive)
cpe:2.3:a:golang:net:*:*:*:*:*:go:*:*
Weaknesses
CWE IDTypeSource
CWE-1289Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-1289Secondary0b0ca135-0b70-47e7-9f44-1890c2a1c46c
CWE ID: CWE-1289
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-1289
Type: Secondary
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://go.dev/cl/767220security@golang.org
Issue Tracking
https://go.dev/issue/78760security@golang.org
Issue Tracking
https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8security@golang.org
Mailing List
https://pkg.go.dev/vuln/GO-2026-5026security@golang.org
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:232620b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:232640b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:265460b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:265470b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:306500b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:306510b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:308530b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:308540b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:308550b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:331550b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:331600b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:331630b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:331730b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:331830b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:335240b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:335310b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:343420b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:343570b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:343590b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:343640b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:347890b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:358260b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:358270b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:358280b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:358290b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:358300b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:358310b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:359930b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:359940b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:361050b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:361670b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:362070b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:366480b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:366510b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:367960b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:367970b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:368080b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:368200b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:368830b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:373870b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:374350b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:374360b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:389950b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:390050b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:395730b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:398790b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:401180b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:401190b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:402620b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:409450b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:410190b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:410300b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:410310b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:410360b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:410550b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:410660b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/security/cve/CVE-2026-398210b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=24807560b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39821.json0b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
Hyperlink: https://go.dev/cl/767220
Source: security@golang.org
Resource:
Issue Tracking
Hyperlink: https://go.dev/issue/78760
Source: security@golang.org
Resource:
Issue Tracking
Hyperlink: https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8
Source: security@golang.org
Resource:
Mailing List
Hyperlink: https://pkg.go.dev/vuln/GO-2026-5026
Source: security@golang.org
Resource:
Vendor Advisory
Hyperlink: https://access.redhat.com/errata/RHSA-2026:23262
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:23264
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:26546
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:26547
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:30650
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:30651
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:30853
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:30854
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:30855
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:33155
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:33160
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:33163
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:33173
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:33183
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:33524
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:33531
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:34342
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:34357
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:34359
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:34364
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:34789
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:35826
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:35827
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:35828
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:35829
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:35830
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:35831
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:35993
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:35994
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36105
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36167
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36207
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36648
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36651
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36796
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36797
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36808
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36820
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36883
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:37387
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:37435
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:37436
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:38995
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:39005
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:39573
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:39879
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:40118
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:40119
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:40262
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:40945
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:41019
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:41030
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:41031
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:41036
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:41055
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:41066
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/security/cve/CVE-2026-39821
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=2480756
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39821.json
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

9Records found

CVE-2025-2241
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8.2||HIGH
EPSS-0.45% / 36.47%
||
7 Day CHG~0.00%
Published-17 Mar, 2025 | 16:27
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Hive: exposure of vcenter credentials via clusterprovision in hive / mce / acm

A flaw was found in Hive, a component of Multicluster Engine (MCE) and Advanced Cluster Management (ACM). This vulnerability causes VCenter credentials to be exposed in the ClusterProvision object after provisioning a VSphere cluster. Users with read access to ClusterProvision objects can extract sensitive credentials even if they do not have direct access to Kubernetes Secrets. This issue can lead to unauthorized VCenter access, cluster management, and privilege escalation.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Advanced Cluster Management for Kubernetes 2Multicluster Engine for Kubernetes
CWE ID-CWE-922
Insecure Storage of Sensitive Information
CVE-2026-43824
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.7||HIGH
EPSS-0.22% / 13.08%
||
7 Day CHG~0.00%
Published-02 May, 2026 | 01:20
Updated-15 Jul, 2026 | 02:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Argo CD 3.2.0 before 3.2.11 and 3.3.0 before 3.3.9, ServerSideDiff allows reading cleartext Kubernetes Secret data.

Action-Not Available
Vendor-argoprojRed Hat, Inc.
Product-Argo CDRed Hat Openshift Data Foundation 4Red Hat OpenShift GitOps
CWE ID-CWE-212
Improper Removal of Sensitive Information Before Storage or Transfer
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2026-42880
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-9.6||CRITICAL
EPSS-0.51% / 39.84%
||
7 Day CHG~0.00%
Published-07 May, 2026 | 22:20
Updated-15 Jul, 2026 | 02:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ArgoCD ServerSideDiff is vulnerable to Kubernetes Secret Extraction

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. From versions 3.2.0 to before 3.2.11 and 3.3.0 to before 3.3.9, there is a missing authorization and data-masking gap in Argo CD's ServerSideDiff endpoint that allows an attacker with read-only access to extract plaintext Kubernetes Secret data from etcd via the Kubernetes API server's Server-Side Apply dry-run mechanism. This issue has been patched in versions 3.2.11 and 3.3.9.

Action-Not Available
Vendor-argoprojargoprojRed Hat, Inc.
Product-argo_cdargo-cdRed Hat OpenShift GitOps 1.20Red Hat Openshift Data Foundation 4Red Hat OpenShift GitOps 1.19Red Hat OpenShift GitOps
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-201
Insertion of Sensitive Information Into Sent Data
CWE ID-CWE-212
Improper Removal of Sensitive Information Before Storage or Transfer
CVE-2026-33211
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-9.6||CRITICAL
EPSS-0.57% / 43.52%
||
7 Day CHG~0.00%
Published-23 Mar, 2026 | 23:55
Updated-15 Jul, 2026 | 02:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tekton Pipelines git resolver has path traversal that allows reading arbitrary files from the resolver pod

Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2, the Tekton Pipelines git resolver is vulnerable to path traversal via the `pathInRepo` parameter. A tenant with permission to create `ResolutionRequests` (e.g. by creating `TaskRuns` or `PipelineRuns` that use the git resolver) can read arbitrary files from the resolver pod's filesystem, including ServiceAccount tokens. The file contents are returned base64-encoded in `resolutionrequest.status.data`. Versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2 contain a patch.

Action-Not Available
Vendor-tektoncdRed Hat, Inc.The Linux Foundation
Product-tekton_pipelinespipelineRed Hat Trusted Artifact Signer 1.3Builds for Red Hat OpenShiftRed Hat OpenShift Builds 1.6.5Red Hat OpenShift Builds 1.7.4Red Hat OpenShift Pipelines 1.2OpenShift ServerlessRed Hat OpenShift Virtualization 4OpenShift PipelinesRed Hat OpenShift AI (RHOAI)Red Hat OpenShift Pipelines 1.21
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2026-11807
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.6||CRITICAL
EPSS-0.38% / 30.13%
||
7 Day CHG+0.01%
Published-23 Jun, 2026 | 19:40
Updated-16 Jul, 2026 | 12:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Eda-server: websocket missing authorization allows credential theft via activation_id spoofing

A missing authorization vulnerability was found in the Event-Driven Ansible (EDA) websocket API. The /api/eda/ws/ansible-rulebook endpoint does not verify user permissions when processing Worker messages. Any authenticated user can send a forged message with an arbitrary activation_id to receive plaintext credentials associated with that activation, including OAuth tokens, vault passwords, and SSH keys.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Ansible Automation Platform 2.7Red Hat Ansible Automation Platform 2.5Red Hat Ansible Automation Platform 2.6 for RHEL 9Red Hat Ansible Automation Platform 2.5 for RHEL 8Red Hat Ansible Automation Platform 2.6Red Hat Ansible Automation Platform 2.5 for RHEL 9Red Hat Ansible Automation Platform 2.7Red Hat Ansible Automation Platform 2.5Red Hat Ansible Automation Platform 2.6 for RHEL 9Red Hat Ansible Automation Platform 2.5 for RHEL 8Red Hat Ansible Automation Platform 2.6Red Hat Ansible Automation Platform 2.5 for RHEL 9
CWE ID-CWE-862
Missing Authorization
CVE-2026-48710
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-6.5||MEDIUM
EPSS-1.44% / 70.18%
||
7 Day CHG~0.00%
Published-26 May, 2026 | 21:54
Updated-17 Jul, 2026 | 12:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Starlette has missing Host header validation that poisons request.url.path, bypassing path-based security checks

Starlette is a lightweight ASGI framework/toolkit. Prior to version 1.0.1, the HTTP `Host` request header was not validated before being used to reconstruct `request.url`. Because the routing algorithm relies on the raw HTTP path while `request.url` is rebuilt from the `Host` header, a malformed header could make `request.url.path` differ from the path that was actually requested. Middleware and endpoints that apply security restrictions based on `request.url` (rather than the raw `scope` path) could therefore be bypassed. Users should upgrade to a version greater than or equal to version 1.0.1, which validates the `Host` header against the grammar of RFC 9112 §3.2 / RFC 3986 §3.2.2 when constructing `request.url` and falls back to `scope["server"]` for malformed values.

Action-Not Available
Vendor-encodeKludexRed Hat, Inc.
Product-starlettestarletteRed Hat Ansible Automation Platform 2.7Red Hat Satellite 6.19Red Hat Ansible Automation Platform 2Red Hat AI Inference ServerExploit IntelligenceRed Hat Satellite 6Migration Toolkit for Applications 8OpenShift LightspeedRed Hat AI Inference Server 3.3Red Hat Satellite 6.18Red Hat Ansible Automation Platform 2.6Red Hat OpenShift AI 3.3Red Hat OpenShift AI 3.4Red Hat OpenShift AI (RHOAI)Red Hat Enterprise Linux AI (RHEL AI) 3
CWE ID-CWE-1289
Improper Validation of Unsafe Equivalence in Input
CWE ID-CWE-444
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CVE-2026-33806
Matching Score-6
Assigner-ce714d77-add3-4f53-aff5-83d477b104bb
ShareView Details
Matching Score-6
Assigner-ce714d77-add3-4f53-aff5-83d477b104bb
CVSS Score-7.5||HIGH
EPSS-0.41% / 33.05%
||
7 Day CHG~0.00%
Published-15 Apr, 2026 | 00:14
Updated-15 Jul, 2026 | 02:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
fastify vulnerable to Body Schema Validation Bypass via Leading Space in Content-Type Header

Impact: Fastify applications using schema.body.content for per-content-type body validation can have validation bypassed entirely by prepending a space to the Content-Type header. The body is still parsed correctly but schema validation is skipped. This is a regression introduced in fastify >= 5.3.2 by the fix for CVE-2025-32442 Patches: Upgrade to fastify v5.8.5 or later. Workarounds: None. Upgrade to the patched version.

Action-Not Available
Vendor-fastifyfastifyRed Hat, Inc.
Product-fastifyfastifyRed Hat OpenShift AI (RHOAI)Red Hat OpenShift Dev SpacesRed Hat Enterprise Linux AI (RHEL AI) 3
CWE ID-CWE-1287
Improper Validation of Specified Type of Input
CWE ID-CWE-1289
Improper Validation of Unsafe Equivalence in Input
CVE-2026-33810
Matching Score-6
Assigner-Go Project
ShareView Details
Matching Score-6
Assigner-Go Project
CVSS Score-7.5||HIGH
EPSS-0.34% / 26.24%
||
7 Day CHG~0.00%
Published-08 Apr, 2026 | 01:06
Updated-17 Jul, 2026 | 13:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Case-sensitive excludedSubtrees name constraints cause Auth Bypass in crypto/x509

When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.

Action-Not Available
Vendor-Go standard libraryRed Hat, Inc.Go
Product-gocrypto/x509Cryostat 4 on RHEL 9Red Hat Openshift Data Foundation 4Zero Trust Workload Identity Manager - Tech PreviewRed Hat Quay 3Red Hat OpenShift distributed tracing 3.9.3Machine Deletion Remediation OperatorService Telemetry Framework 1.5mirror registry for Red Hat OpenShift 2Red Hat Developer HubRed Hat Connectivity Link 1Multicluster Engine for KubernetesDeployment Validation OperatorZero Trust Workload Identity ManagerLogging Subsystem for Red Hat OpenShift 6.4Red Hat OpenShift Builds 1.6.5Logging Subsystem for Red Hat OpenShift 6.0streams for Apache Kafka 3Multicluster Global Hub 1.5.4Red Hat 3scale API Management Platform 2Red Hat OpenShift GitOpsExternal Secrets Operator for Red Hat OpenShiftRed Hat OpenShift on AWSRed Hat Web Terminal 1.15Network Observability Operatorcert-manager Operator for Red Hat OpenShiftRed Hat OpenShift Cluster Manager CLIRed Hat Enterprise Linux 7Red Hat OpenShift Dev Spaces 3.28Red Hat OpenStack Platform 18.0Gatekeeper 3Migration Toolkit for ContainersRed Hat Enterprise Linux 10Red Hat OpenShift Dev Workspaces OperatorRed Hat Advanced Cluster Management for Kubernetes 2Node HealthCheck OperatorRed Hat Enterprise Linux 9OpenShift Service Mesh 3Red Hat Enterprise Linux 8Red Hat Ansible Automation Platform 2OpenShift ServerlessRed Hat Advanced Cluster Security 4Migration Toolkit for Applications 8OpenShift LightspeedRHEM 1.0 for RHEL 9Red Hat Edge Manager 1.0Power monitoring for Red Hat OpenShiftRed Hat Ansible Automation Platform 2.6Red Hat Service Interconnect 2Red Hat OpenStack Platform 17.1 for RHEL 9OpenShift Developer Tools and ServicesRed Hat OpenStack Platform 16.2Red Hat Web Terminal 1.14Red Hat OpenShift Builds 1.7.4Red Hat Satellite 6.19 for RHEL 9ExternalDNS OperatorOpenShift PipelinesFile Integrity OperatorSecurity Profiles OperatorRed Hat Certification Program for Red Hat Enterprise Linux 9Red Hat Web Terminal 1.11Red Hat Trusted Artifact Signer 1.3Red Hat Satellite 6OpenShift Compliance Operator 1Red Hat Edge Manager 1.1Red Hat Enterprise Linux 10.0 Extended Update SupportRed Hat Lightspeed (formerly Insights) for Runtimes 1Red Hat Web Terminal 1.13Red Hat OpenShift AI (RHOAI)Confidential Compute Attestationmirror registry for Red Hat OpenShiftOpenShift Service Mesh 2Red Hat Enterprise Linux 9.4 Extended Update SupportMulticluster Global Hub 1.6.2Red Hat AI Inference ServerLogical Volume Manager StorageRed Hat Web Terminal 1.12Fence Agents Remediation OperatorMulticluster Global Hub 1.4.5Logging Subsystem for Red Hat OpenShiftRed Hat Enterprise Linux AI (RHEL AI) 3Red Hat Service Interconnect 1Red Hat Enterprise Linux 9.6 Extended Update SupportOpenShift API for Data Protection 1.4OpenShift API for Data Protection 1.5Red Hat OpenShift Virtualization 4Red Hat OpenShift for Windows ContainersHawtIO HawtIO 4.4.0Red Hat OpenStack Platform 17.1Assisted Installer for Red Hat OpenShift Container Platform 2Red Hat OpenStack Services on OpenShift 18.0Custom Metric Autoscaler operator for Red Hat OpenshiftRed Hat Hardened ImagesRed Hat OpenShift Container Platform 4
CWE ID-CWE-1289
Improper Validation of Unsafe Equivalence in Input
CWE ID-CWE-295
Improper Certificate Validation
CVE-2025-62718
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-6.3||MEDIUM
EPSS-1.16% / 63.65%
||
7 Day CHG-0.03%
Published-09 Apr, 2026 | 14:31
Updated-15 Jul, 2026 | 02:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF

Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0 and 0.31.0, Axios does not correctly handle hostname normalization when checking NO_PROXY rules. Requests to loopback addresses like localhost. (with a trailing dot) or [::1] (IPv6 literal) skip NO_PROXY matching and go through the configured proxy. This goes against what developers expect and lets attackers force requests through a proxy, even if NO_PROXY is set up to protect loopback or internal services. This issue leads to the possibility of proxy bypass and SSRF vulnerabilities allowing attackers to reach sensitive loopback or internal services despite the configured protections. This vulnerability is fixed in 1.15.0 and 0.31.0.

Action-Not Available
Vendor-axiosaxiosRed Hat, Inc.
Product-axiosaxiosRed Hat Advanced Cluster Security for Kubernetes 4.9Red Hat Developer Hub 1.8Red Hat build of Apicurio Registry 2Red Hat Process Automation 7Red Hat Quay 3Red Hat Developer HubRed Hat Build of KueueRed Hat Quay 3.16Multicluster Engine for KubernetesOpenShift PipelinesRed Hat OpenShift Service Mesh 3.3Red Hat Advanced Cluster Management for Kubernetes 2.14Red Hat OpenShift Service Mesh 3.2Red Hat Trusted Artifact Signer 1.3Red Hat OpenShift Service Mesh 2.6Streams for Apache Kafka 3.2.0Red Hat Ansible Automation Platform 2.5Red Hat 3scale API Management Platform 2Red Hat Satellite 6streams for Apache Kafka 2Red Hat Discovery 2Cluster Observability Operator 1.5.0Red Hat Quay 3.10multicluster engine for Kubernetes 2.6Network Observability OperatorRed Hat OpenShift AI (RHOAI)Red Hat Quay 3.15multicluster engine for Kubernetes 2.8OpenShift Service Mesh 2Self-service automation portal 2Red Hat Trusted Profile AnalyzerRed Hat OpenShift Service Mesh 3.1Red Hat Advanced Cluster Security for Kubernetes 4.10Network Observability (NETOBSERV) 1.11.2Gatekeeper 3Red Hat Fuse 7Migration Toolkit for ContainersRed Hat Ansible Automation Platform 2.5 for RHEL 8Red Hat OpenShift AI 3.3Red Hat build of Apicurio Registry 3Red Hat Advanced Cluster Management for Kubernetes 2Red Hat Quay 3.9Red Hat Ansible Automation Platform 2.5 for RHEL 9Red Hat Enterprise Linux AI (RHEL AI) 3Red Hat Enterprise Linux 9Red Hat Quay 3.17Red Hat Data Grid 8OpenShift Service Mesh 3Red Hat Ansible Automation Platform 2Red Hat Enterprise Linux 8Red Hat build of Apache Camel - HawtIO 4Red Hat OpenShift Dev Spaces 3.27Red Hat OpenShift Service Mesh 3Cryostat 4Red Hat Quay 3.14Red Hat Quay 3.12Red Hat Developer Hub 1.9Migration Toolkit for Applications 8Red Hat OpenShift Virtualization 4Red Hat Ansible Automation Platform 2.6Red Hat OpenShift AI 2.25Red Hat OpenShift Container Platform 4
CWE ID-CWE-1289
Improper Validation of Unsafe Equivalence in Input
CWE ID-CWE-441
Unintended Proxy or Intermediary ('Confused Deputy')
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
Details not found