Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-39835

Summary
Assigner-Go
Assigner Org ID-1bb62c36-49e3-4200-9d77-64a1400537cc
Published At-22 May, 2026 | 02:31
Updated At-17 Jul, 2026 | 12:04
Rejected At-
Credits

Invoking server panic during CheckHostKey/Authenticate in golang.org/x/crypto/ssh

SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an error instead of panicking when these callbacks are nil.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Go
Assigner Org ID:1bb62c36-49e3-4200-9d77-64a1400537cc
Published At:22 May, 2026 | 02:31
Updated At:17 Jul, 2026 | 12:04
Rejected At:
â–¼CVE Numbering Authority (CNA)
Invoking server panic during CheckHostKey/Authenticate in golang.org/x/crypto/ssh

SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an error instead of panicking when these callbacks are nil.

Affected Products
Vendor
golang.org/x/crypto
Product
golang.org/x/crypto/ssh
Collection URL
https://pkg.go.dev
Package Name
golang.org/x/crypto/ssh
Program Routines
  • CertChecker.CheckHostKey
  • CertChecker.Authenticate
Default Status
unaffected
Versions
Affected
  • From 0 before 0.52.0 (semver)
Problem Types
TypeCWE IDDescription
N/AN/ACWE-476: NULL Pointer Dereference
Type: N/A
CWE ID: N/A
Description: CWE-476: NULL Pointer Dereference
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

NCC Group Cryptography Services, sponsored by Teleport
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://go.dev/issue/79563
N/A
https://groups.google.com/g/golang-announce/c/a082jnz-LvI
N/A
https://go.dev/cl/781660
N/A
https://pkg.go.dev/vuln/GO-2026-5015
N/A
Hyperlink: https://go.dev/issue/79563
Resource: N/A
Hyperlink: https://groups.google.com/g/golang-announce/c/a082jnz-LvI
Resource: N/A
Hyperlink: https://go.dev/cl/781660
Resource: N/A
Hyperlink: https://pkg.go.dev/vuln/GO-2026-5015
Resource: N/A
â–¼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
3.15.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
2. golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate

A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).

Affected Products
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
buildah
CPEs
  • cpe:/o:redhat:enterprise_linux:10.2
Default Status
affected
Versions
Unaffected
  • From 2:1.43.1-3.el10_2 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
podman
CPEs
  • cpe:/o:redhat:enterprise_linux:10.2
Default Status
affected
Versions
Unaffected
  • From 7:5.8.2-4.el10_2 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 8
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
container-tools:rhel8
CPEs
  • cpe:/a:redhat:enterprise_linux:8
Default Status
affected
Versions
Unaffected
  • From 8100020260709093628.afee755d before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
podman
CPEs
  • cpe:/a:redhat:enterprise_linux:9
Default Status
affected
Versions
Unaffected
  • From 6:5.8.2-4.el9_8 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
buildah
CPEs
  • cpe:/a:redhat:enterprise_linux:9
Default Status
affected
Versions
Unaffected
  • From 2:1.43.1-3.el9_8 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
RHEM 1.0 for RHEL 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
flightctl
CPEs
  • cpe:/a:redhat:edge_manager:1.0::el9
Default Status
affected
Versions
Unaffected
  • From 0:1.0.3-1.el9em before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
RHEM 1.1 for RHEL 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
flightctl
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el10
Default Status
affected
Versions
Unaffected
  • From 0:1.1.3-1.el10em before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
RHEM 1.1 for RHEL 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
flightctl
CPEs
  • cpe:/a:redhat:edge_manager:1.1:el9
Default Status
affected
Versions
Unaffected
  • From 0:1.1.3-1.el9em before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Security for Kubernetes 4.10
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
advanced-cluster-security/rhacs-main-rhel8
CPEs
  • cpe:/a:redhat:advanced_cluster_security:4.10::el8
Default Status
affected
Versions
Unaffected
  • From 1781686458 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Security for Kubernetes 4.10
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
advanced-cluster-security/rhacs-rhel8-operator
CPEs
  • cpe:/a:redhat:advanced_cluster_security:4.10::el8
Default Status
affected
Versions
Unaffected
  • From 1781686458 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Security for Kubernetes 4.10
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
advanced-cluster-security/rhacs-roxctl-rhel8
CPEs
  • cpe:/a:redhat:advanced_cluster_security:4.10::el8
Default Status
affected
Versions
Unaffected
  • From 1781686458 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Security for Kubernetes 4.10
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
advanced-cluster-security/rhacs-scanner-v4-rhel8
CPEs
  • cpe:/a:redhat:advanced_cluster_security:4.10::el8
Default Status
affected
Versions
Unaffected
  • From 1781686458 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Security for Kubernetes 4.10
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
advanced-cluster-security/rhacs-scanner-rhel8
CPEs
  • cpe:/a:redhat:advanced_cluster_security:4.10::el8
Default Status
affected
Versions
Unaffected
  • From 1782891789 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Security for Kubernetes 4.10
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
advanced-cluster-security/rhacs-scanner-slim-rhel8
CPEs
  • cpe:/a:redhat:advanced_cluster_security:4.10::el8
Default Status
affected
Versions
Unaffected
  • From 1782891789 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Security for Kubernetes 4.11
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
advanced-cluster-security/rhacs-main-rhel9
CPEs
  • cpe:/a:redhat:advanced_cluster_security:4.11::el9
Default Status
affected
Versions
Unaffected
  • From 1783352589 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Security for Kubernetes 4.11
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
advanced-cluster-security/rhacs-operator-bundle
CPEs
  • cpe:/a:redhat:advanced_cluster_security:4.11::el9
Default Status
affected
Versions
Unaffected
  • From 1783352589 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Security for Kubernetes 4.11
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
advanced-cluster-security/rhacs-rhel9-operator
CPEs
  • cpe:/a:redhat:advanced_cluster_security:4.11::el9
Default Status
affected
Versions
Unaffected
  • From 1783352589 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Security for Kubernetes 4.11
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
advanced-cluster-security/rhacs-roxctl-rhel9
CPEs
  • cpe:/a:redhat:advanced_cluster_security:4.11::el9
Default Status
affected
Versions
Unaffected
  • From 1783352589 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Security for Kubernetes 4.11
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
advanced-cluster-security/rhacs-scanner-rhel9
CPEs
  • cpe:/a:redhat:advanced_cluster_security:4.11::el9
Default Status
affected
Versions
Unaffected
  • From 1782925137 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Security for Kubernetes 4.11
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
advanced-cluster-security/rhacs-scanner-slim-rhel9
CPEs
  • cpe:/a:redhat:advanced_cluster_security:4.11::el9
Default Status
affected
Versions
Unaffected
  • From 1782925137 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Security for Kubernetes 4.11
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
advanced-cluster-security/rhacs-scanner-v4-rhel9
CPEs
  • cpe:/a:redhat:advanced_cluster_security:4.11::el9
Default Status
affected
Versions
Unaffected
  • From 1783352589 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Security for Kubernetes 4.9
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
advanced-cluster-security/rhacs-main-rhel8
CPEs
  • cpe:/a:redhat:advanced_cluster_security:4.9::el8
Default Status
affected
Versions
Unaffected
  • From 1781686446 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Security for Kubernetes 4.9
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
advanced-cluster-security/rhacs-rhel8-operator
CPEs
  • cpe:/a:redhat:advanced_cluster_security:4.9::el8
Default Status
affected
Versions
Unaffected
  • From 1781686446 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Security for Kubernetes 4.9
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
advanced-cluster-security/rhacs-roxctl-rhel8
CPEs
  • cpe:/a:redhat:advanced_cluster_security:4.9::el8
Default Status
affected
Versions
Unaffected
  • From 1781686446 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Security for Kubernetes 4.9
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
advanced-cluster-security/rhacs-scanner-v4-rhel8
CPEs
  • cpe:/a:redhat:advanced_cluster_security:4.9::el8
Default Status
affected
Versions
Unaffected
  • From 1781686446 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Security for Kubernetes 4.9
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
advanced-cluster-security/rhacs-scanner-rhel8
CPEs
  • cpe:/a:redhat:advanced_cluster_security:4.9::el8
Default Status
affected
Versions
Unaffected
  • From 1782891812 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Security for Kubernetes 4.9
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
advanced-cluster-security/rhacs-scanner-slim-rhel8
CPEs
  • cpe:/a:redhat:advanced_cluster_security:4.9::el8
Default Status
affected
Versions
Unaffected
  • From 1782891812 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.0
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-alert-exporter-rhel9
CPEs
  • cpe:/a:redhat:edge_manager:1.0::el9
Default Status
affected
Versions
Unaffected
  • From 1783502022 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.0
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-alertmanager-proxy-rhel9
CPEs
  • cpe:/a:redhat:edge_manager:1.0::el9
Default Status
affected
Versions
Unaffected
  • From 1783502465 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.0
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-api-rhel9
CPEs
  • cpe:/a:redhat:edge_manager:1.0::el9
Default Status
affected
Versions
Unaffected
  • From 1783502025 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.0
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-cli-artifacts-rhel9
CPEs
  • cpe:/a:redhat:edge_manager:1.0::el9
Default Status
affected
Versions
Unaffected
  • From 1783502494 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.0
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-db-setup-rhel9
CPEs
  • cpe:/a:redhat:edge_manager:1.0::el9
Default Status
affected
Versions
Unaffected
  • From 1783502401 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.0
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-pam-issuer-rhel9
CPEs
  • cpe:/a:redhat:edge_manager:1.0::el9
Default Status
affected
Versions
Unaffected
  • From 1783502403 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.0
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-periodic-rhel9
CPEs
  • cpe:/a:redhat:edge_manager:1.0::el9
Default Status
affected
Versions
Unaffected
  • From 1783502022 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.0
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-telemetry-gateway-rhel9
CPEs
  • cpe:/a:redhat:edge_manager:1.0::el9
Default Status
affected
Versions
Unaffected
  • From 1783502023 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.0
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-userinfo-proxy-rhel9
CPEs
  • cpe:/a:redhat:edge_manager:1.0::el9
Default Status
affected
Versions
Unaffected
  • From 1783502029 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.0
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-worker-rhel9
CPEs
  • cpe:/a:redhat:edge_manager:1.0::el9
Default Status
affected
Versions
Unaffected
  • From 1783502445 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-alert-exporter-rhel10
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el10
Default Status
affected
Versions
Unaffected
  • From 1784194638 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-alertmanager-proxy-rhel10
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el10
Default Status
affected
Versions
Unaffected
  • From 1784194353 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-api-rhel10
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el10
Default Status
affected
Versions
Unaffected
  • From 1784196588 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-cli-artifacts-rhel10
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el10
Default Status
affected
Versions
Unaffected
  • From 1784195620 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-db-setup-rhel10
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el10
Default Status
affected
Versions
Unaffected
  • From 1784194309 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-imagebuilder-api-rhel10
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el10
Default Status
affected
Versions
Unaffected
  • From 1784194144 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-imagebuilder-worker-rhel10
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el10
Default Status
affected
Versions
Unaffected
  • From 1784194188 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-pam-issuer-rhel10
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el10
Default Status
affected
Versions
Unaffected
  • From 1784194653 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-periodic-rhel10
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el10
Default Status
affected
Versions
Unaffected
  • From 1784194144 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-telemetry-gateway-rhel10
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el10
Default Status
affected
Versions
Unaffected
  • From 1784194980 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-userinfo-proxy-rhel10
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el10
Default Status
affected
Versions
Unaffected
  • From 1784194347 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-worker-rhel10
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el10
Default Status
affected
Versions
Unaffected
  • From 1784194971 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-alert-exporter-rhel9
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el9
Default Status
affected
Versions
Unaffected
  • From 1784128388 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-alertmanager-proxy-rhel9
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el9
Default Status
affected
Versions
Unaffected
  • From 1784128860 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-api-rhel9
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el9
Default Status
affected
Versions
Unaffected
  • From 1784126780 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-cli-artifacts-rhel9
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el9
Default Status
affected
Versions
Unaffected
  • From 1784127787 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-db-setup-rhel9
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el9
Default Status
affected
Versions
Unaffected
  • From 1784126762 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-imagebuilder-api-rhel9
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el9
Default Status
affected
Versions
Unaffected
  • From 1784127762 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-imagebuilder-worker-rhel9
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el9
Default Status
affected
Versions
Unaffected
  • From 1784126832 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-pam-issuer-rhel9
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el9
Default Status
affected
Versions
Unaffected
  • From 1784126774 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-periodic-rhel9
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el9
Default Status
affected
Versions
Unaffected
  • From 1784127791 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-telemetry-gateway-rhel9
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el9
Default Status
affected
Versions
Unaffected
  • From 1784127135 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-userinfo-proxy-rhel9
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el9
Default Status
affected
Versions
Unaffected
  • From 1784126733 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Edge Manager 1.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhem/flightctl-worker-rhel9
CPEs
  • cpe:/a:redhat:edge_manager:1.1::el9
Default Status
affected
Versions
Unaffected
  • From 1784127775 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Builds 1.7.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
openshift-builds/openshift-builds-controller-rhel9
CPEs
  • cpe:/a:redhat:openshift_builds:1.7::el9
Default Status
affected
Versions
Unaffected
  • From 1783057515 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Builds 1.7.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
openshift-builds/openshift-builds-git-cloner-rhel9
CPEs
  • cpe:/a:redhat:openshift_builds:1.7::el9
Default Status
affected
Versions
Unaffected
  • From 1783057529 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Builds 1.7.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
openshift-builds/openshift-builds-image-bundler-rhel9
CPEs
  • cpe:/a:redhat:openshift_builds:1.7::el9
Default Status
affected
Versions
Unaffected
  • From 1783057884 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Builds 1.7.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
openshift-builds/openshift-builds-image-processing-rhel9
CPEs
  • cpe:/a:redhat:openshift_builds:1.7::el9
Default Status
affected
Versions
Unaffected
  • From 1783058067 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Builds 1.7.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
openshift-builds/openshift-builds-waiters-rhel9
CPEs
  • cpe:/a:redhat:openshift_builds:1.7::el9
Default Status
affected
Versions
Unaffected
  • From 1783057868 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Builds 1.7.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
openshift-builds/openshift-builds-webhook-rhel9
CPEs
  • cpe:/a:redhat:openshift_builds:1.7::el9
Default Status
affected
Versions
Unaffected
  • From 1783058284 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Builds 1.8.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
openshift-builds/openshift-builds-controller-rhel9
CPEs
  • cpe:/a:redhat:openshift_builds:1.8::el9
Default Status
affected
Versions
Unaffected
  • From 1783612432 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Builds 1.8.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
openshift-builds/openshift-builds-git-cloner-rhel9
CPEs
  • cpe:/a:redhat:openshift_builds:1.8::el9
Default Status
affected
Versions
Unaffected
  • From 1783611973 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Builds 1.8.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
openshift-builds/openshift-builds-image-bundler-rhel9
CPEs
  • cpe:/a:redhat:openshift_builds:1.8::el9
Default Status
affected
Versions
Unaffected
  • From 1783612714 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Builds 1.8.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
openshift-builds/openshift-builds-image-processing-rhel9
CPEs
  • cpe:/a:redhat:openshift_builds:1.8::el9
Default Status
affected
Versions
Unaffected
  • From 1783611805 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Builds 1.8.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
openshift-builds/openshift-builds-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_builds:1.8::el9
Default Status
affected
Versions
Unaffected
  • From 1784121108 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Builds 1.8.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
openshift-builds/openshift-builds-waiters-rhel9
CPEs
  • cpe:/a:redhat:openshift_builds:1.8::el9
Default Status
affected
Versions
Unaffected
  • From 1783612119 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Builds 1.8.1
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
openshift-builds/openshift-builds-webhook-rhel9
CPEs
  • cpe:/a:redhat:openshift_builds:1.8::el9
Default Status
affected
Versions
Unaffected
  • From 1783612163 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/cephcsi-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782932114 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/cephcsi-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782931768 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/devicefinder-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782932104 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/mcg-core-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1783536000 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/mcg-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1783535989 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/ocs-client-console-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1783536515 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/ocs-client-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782932521 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/ocs-metrics-exporter-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1783018461 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/ocs-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1783018421 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-blackbox-exporter-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782932812 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-cli-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1783537001 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-cloudnative-pg-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782932919 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-console-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1783537586 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-cosi-sidecar-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782932969 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-csi-addons-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782933015 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-csi-addons-sidecar-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782933042 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-drbd-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1783537392 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-external-snapshotter-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782933235 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-external-snapshotter-sidecar-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782933251 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-multicluster-console-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1783537955 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-multicluster-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782933417 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-must-gather-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1783537742 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odf-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782933602 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odr-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1783019377 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odr-volsync-plugin-mover-rhel9
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782934054 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/odr-volsync-plugin-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782934036 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Openshift Data Foundation 4.22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
odf4/rook-ceph-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_data_foundation:4.22::el9
Default Status
affected
Versions
Unaffected
  • From 1782934284 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Quay 3.10
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
quay/quay-rhel8
CPEs
  • cpe:/a:redhat:quay:3.10::el8
Default Status
affected
Versions
Unaffected
  • From 1783750447 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Quay 3.16
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
quay/quay-rhel9
CPEs
  • cpe:/a:redhat:quay:3.16::el9
Default Status
affected
Versions
Unaffected
  • From 1783955846 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Quay 3.9
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
quay/quay-rhel8
CPEs
  • cpe:/a:redhat:quay:3.9::el8
Default Status
affected
Versions
Unaffected
  • From 1784125838 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Artifact Signer 1.3
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhtas/rekor-monitor-rhel9
CPEs
  • cpe:/a:redhat:trusted_artifact_signer:1.3::el9
Default Status
affected
Versions
Unaffected
  • From 1783968508 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Artifact Signer 1.3
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhtas/cosign-rhel9
CPEs
  • cpe:/a:redhat:trusted_artifact_signer:1.3::el9
Default Status
affected
Versions
Unaffected
  • From 1783961973 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Artifact Signer 1.3
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhtas/fetch-tsa-certs-rhel9
CPEs
  • cpe:/a:redhat:trusted_artifact_signer:1.3::el9
Default Status
affected
Versions
Unaffected
  • From 1783968644 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Artifact Signer 1.3
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhtas/gitsign-rhel9
CPEs
  • cpe:/a:redhat:trusted_artifact_signer:1.3::el9
Default Status
affected
Versions
Unaffected
  • From 1783959819 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Artifact Signer 1.3
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhtas/rekor-cli-rhel9
CPEs
  • cpe:/a:redhat:trusted_artifact_signer:1.3::el9
Default Status
affected
Versions
Unaffected
  • From 1783969365 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Artifact Signer 1.3
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhtas/fulcio-rhel9
CPEs
  • cpe:/a:redhat:trusted_artifact_signer:1.3::el9
Default Status
affected
Versions
Unaffected
  • From 1783968972 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Artifact Signer 1.3
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhtas/rekor-backfill-redis-rhel9
CPEs
  • cpe:/a:redhat:trusted_artifact_signer:1.3::el9
Default Status
affected
Versions
Unaffected
  • From 1783969365 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Artifact Signer 1.3
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhtas/rekor-server-rhel9
CPEs
  • cpe:/a:redhat:trusted_artifact_signer:1.3::el9
Default Status
affected
Versions
Unaffected
  • From 1783969365 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Artifact Signer 1.3
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhtas/timestamp-authority-rhel9
CPEs
  • cpe:/a:redhat:trusted_artifact_signer:1.3::el9
Default Status
affected
Versions
Unaffected
  • From 1783968644 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Artifact Signer 1.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
conforma-cli-stack-v1
CPEs
  • cpe:/a:redhat:trusted_artifact_signer:1.4::el9
Default Status
affected
Versions
Unaffected
  • From 4-1.4.2 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Artifact Signer 1.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhtas/ctlog-monitor-rhel9
CPEs
  • cpe:/a:redhat:trusted_artifact_signer:1.4::el9
Default Status
affected
Versions
Unaffected
  • From 1783330572 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Artifact Signer 1.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhtas/rekor-monitor-rhel9
CPEs
  • cpe:/a:redhat:trusted_artifact_signer:1.4::el9
Default Status
affected
Versions
Unaffected
  • From 1783330572 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Artifact Signer 1.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhtas/cosign-rhel9
CPEs
  • cpe:/a:redhat:trusted_artifact_signer:1.4::el9
Default Status
affected
Versions
Unaffected
  • From 1783330691 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Artifact Signer 1.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhtas/fetch-tsa-certs-rhel9
CPEs
  • cpe:/a:redhat:trusted_artifact_signer:1.4::el9
Default Status
affected
Versions
Unaffected
  • From 1783326690 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Artifact Signer 1.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhtas/gitsign-rhel9
CPEs
  • cpe:/a:redhat:trusted_artifact_signer:1.4::el9
Default Status
affected
Versions
Unaffected
  • From 1783332061 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Artifact Signer 1.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhtas/rekor-cli-rhel9
CPEs
  • cpe:/a:redhat:trusted_artifact_signer:1.4::el9
Default Status
affected
Versions
Unaffected
  • From 1783332625 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Artifact Signer 1.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhtas/fulcio-rhel9
CPEs
  • cpe:/a:redhat:trusted_artifact_signer:1.4::el9
Default Status
affected
Versions
Unaffected
  • From 1783326847 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Artifact Signer 1.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhtas/rekor-backfill-redis-rhel9
CPEs
  • cpe:/a:redhat:trusted_artifact_signer:1.4::el9
Default Status
affected
Versions
Unaffected
  • From 1783332625 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Artifact Signer 1.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhtas/rekor-server-rhel9
CPEs
  • cpe:/a:redhat:trusted_artifact_signer:1.4::el9
Default Status
affected
Versions
Unaffected
  • From 1783332625 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Artifact Signer 1.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhtas/timestamp-authority-rhel9
CPEs
  • cpe:/a:redhat:trusted_artifact_signer:1.4::el9
Default Status
affected
Versions
Unaffected
  • From 1783326690 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Artifact Signer 1.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhtas/model-validation-rhel9-operator
CPEs
  • cpe:/a:redhat:trusted_artifact_signer:1.4::el9
Default Status
affected
Versions
Unaffected
  • From 1782992727 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Artifact Signer 1.4
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhtas/policy-controller-rhel9-operator
CPEs
  • cpe:/a:redhat:trusted_artifact_signer:1.4::el9
Default Status
affected
Versions
Unaffected
  • From 1782903492 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Assisted Installer for Red Hat OpenShift Container Platform 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
assisted/agent-preinstall-image-builder-rhel9
CPEs
  • cpe:/a:redhat:assisted_installer:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
cert-manager Operator for Red Hat OpenShift
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
cert-manager/jetstack-cert-manager-acmesolver-rhel9
CPEs
  • cpe:/a:redhat:cert_manager:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
cert-manager Operator for Red Hat OpenShift
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
cert-manager/jetstack-cert-manager-rhel9
CPEs
  • cpe:/a:redhat:cert_manager:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Confidential Compute Attestation
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9
CPEs
  • cpe:/a:redhat:confidential_compute_attestation:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Confidential Compute Attestation
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-sandboxed-containers/osc-podvm-payload-rhel9
CPEs
  • cpe:/a:redhat:confidential_compute_attestation:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Confidential Compute Attestation
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-sandboxed-containers/osc-rhel9-operator
CPEs
  • cpe:/a:redhat:confidential_compute_attestation:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Cryostat 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
cryostat/cryostat-storage-rhel9
CPEs
  • cpe:/a:redhat:cryostat:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
External Secrets Operator for Red Hat OpenShift
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
external-secrets-operator/external-secrets-rhel9
CPEs
  • cpe:/a:redhat:external_secrets_operator:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Multicluster Engine for Kubernetes
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
multicluster-engine/assisted-service-8-rhel8
CPEs
  • cpe:/a:redhat:multicluster_engine
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Multicluster Engine for Kubernetes
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
multicluster-engine/assisted-service-9-rhel9
CPEs
  • cpe:/a:redhat:multicluster_engine
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Multicluster Engine for Kubernetes
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
multicluster-engine/azure-service-operator-rhel9
CPEs
  • cpe:/a:redhat:multicluster_engine
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Multicluster Engine for Kubernetes
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
multicluster-engine/cluster-api-provider-azure-rhel9
CPEs
  • cpe:/a:redhat:multicluster_engine
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Multicluster Engine for Kubernetes
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
multicluster-engine/cluster-api-provider-kubevirt-rhel9
CPEs
  • cpe:/a:redhat:multicluster_engine
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Multicluster Engine for Kubernetes
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
multicluster-engine/cluster-image-set-controller-rhel9
CPEs
  • cpe:/a:redhat:multicluster_engine
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Multicluster Engine for Kubernetes
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
multicluster-engine/hypershift-addon-rhel9-operator
CPEs
  • cpe:/a:redhat:multicluster_engine
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
OpenShift API for Data Protection
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
oadp/oadp-mustgather-rhel9
CPEs
  • cpe:/a:redhat:openshift_api_data_protection:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
OpenShift API for Data Protection
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
oadp/oadp-velero-restic-restore-helper-rhel9
CPEs
  • cpe:/a:redhat:openshift_api_data_protection:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
OpenShift API for Data Protection
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
oadp/oadp-velero-rhel9
CPEs
  • cpe:/a:redhat:openshift_api_data_protection:1
Default Status
unknown
Vendor
Red Hat, Inc.Red Hat
Product
OpenShift Pipelines
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-pipelines-client
CPEs
  • cpe:/a:redhat:openshift_pipelines:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
OpenShift Serverless
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-serverless-1/kn-plugin-func-func-util-rhel9
CPEs
  • cpe:/a:redhat:serverless:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
OpenShift Serverless
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-serverless-clients
CPEs
  • cpe:/a:redhat:serverless:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhacm2/acm-must-gather-rhel9
CPEs
  • cpe:/a:redhat:acm:2
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhacm2/multicluster-operators-subscription-rhel9
CPEs
  • cpe:/a:redhat:acm:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Advanced Cluster Management for Kubernetes 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhacm2/volsync-rhel9
CPEs
  • cpe:/a:redhat:acm:2
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Ceph Storage 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhceph/alloy-rhel10
CPEs
  • cpe:/a:redhat:ceph_storage:9
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
gvisor-tap-vsock
CPEs
  • cpe:/o:redhat:enterprise_linux:10
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
trustee
CPEs
  • cpe:/o:redhat:enterprise_linux:10
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
gvisor-tap-vsock
CPEs
  • cpe:/o:redhat:enterprise_linux:9
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-data-science-pipelines-argo-argoexec-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-model-registry-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift AI (RHOAI)
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoai/odh-trainer-rhel9
CPEs
  • cpe:/a:redhat:openshift_ai
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
cri-o
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
microshift
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/azure-service-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/lifecycle-agent-operator-bundle
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/lifecycle-agent-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/metallb-rhel8
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/oc-mirror-plugin-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-agent-installer-api-server-rhel8
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-agent-installer-api-server-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-agent-installer-csr-approver-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-agent-installer-orchestrator-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-aws-ebs-csi-driver-rhel8
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-aws-ebs-csi-driver-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-aws-efs-csi-driver-container-rhel8
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-aws-efs-csi-driver-container-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-azure-cluster-api-controllers-rhel8
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-azure-cluster-api-controllers-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-azure-disk-csi-driver-rhel8
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-azure-disk-csi-driver-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-azure-file-csi-driver-rhel8
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-azure-file-csi-driver-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-baremetal-installer-rhel8
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-baremetal-installer-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-cluster-capi-rhel8-operator
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-cluster-capi-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-csi-driver-manila-rhel8
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-csi-driver-manila-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-csi-driver-nfs-rhel8
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-csi-driver-nfs-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-csi-external-provisioner-rhel8
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-csi-external-provisioner-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-docker-builder
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-docker-builder-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-dpu-cni-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-dpu-daemon-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-dpu-intel-netsec-vsp-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-dpu-marvell-cp-agent-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-dpu-marvell-vsp-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-dpu-network-resources-injector-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-dpu-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-hyperkube
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-hyperkube-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-hypershift-rhel8
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-hypershift-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-ibmcloud-cluster-api-controllers-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-insights-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-installer
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-installer-altinfra-rhel8
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-installer-altinfra-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-installer-artifacts
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-installer-artifacts-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-installer-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-kube-proxy-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-machine-api-operator
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-machine-api-provider-aws-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-machine-api-provider-azure-rhel8
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-machine-api-provider-azure-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-machine-api-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-machine-config-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-node-feature-discovery
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-olm-rukpak-rhel8
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-olm-rukpak-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-openstack-cinder-csi-driver-rhel8
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-openstack-cinder-csi-driver-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-openstack-cloud-controller-manager-rhel8
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-openstack-cloud-controller-manager-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-ovn-kubernetes-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-powervs-block-csi-driver-rhel8
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-powervs-block-csi-driver-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-ptp
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-ptp-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-smb-csi-driver-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-support-log-gather-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-tests
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-tests-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-vsphere-cluster-api-controllers-rhel8
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-vsphere-cluster-api-controllers-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-vsphere-csi-driver-rhel8
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-vsphere-csi-driver-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-vsphere-csi-driver-syncer-rhel8
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4/ose-vsphere-csi-driver-syncer-rhel9
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
ose-azure-acr-image-credential-provider
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Container Platform 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
podman
CPEs
  • cpe:/a:redhat:openshift:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Dev Spaces
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
devspaces/traefik-rhel9
CPEs
  • cpe:/a:redhat:openshift_devspaces:3
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Dev Workspaces Operator
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
devworkspace/devworkspace-project-clone-rhel9
CPEs
  • cpe:/a:redhat:devworkspace
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Dev Workspaces Operator
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
devworkspace/devworkspace-rhel9-operator
CPEs
  • cpe:/a:redhat:devworkspace
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift for Windows Containers
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4-wincw/windows-machine-config-operator-bundle
CPEs
  • cpe:/a:redhat:windows_machine_config
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift for Windows Containers
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift4-wincw/windows-machine-config-rhel9-operator
CPEs
  • cpe:/a:redhat:windows_machine_config
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift GitOps
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-gitops-1/argocd-agent-rhel8
CPEs
  • cpe:/a:redhat:openshift_gitops:1
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift GitOps
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-gitops-1/argocd-agent-rhel9
CPEs
  • cpe:/a:redhat:openshift_gitops:1
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift GitOps
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-gitops-1/argocd-image-updater-rhel8
CPEs
  • cpe:/a:redhat:openshift_gitops:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift GitOps
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-gitops-1/argocd-image-updater-rhel9
CPEs
  • cpe:/a:redhat:openshift_gitops:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift GitOps
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-gitops-1/argocd-rhel8
CPEs
  • cpe:/a:redhat:openshift_gitops:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift GitOps
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-gitops-1/argocd-rhel9
CPEs
  • cpe:/a:redhat:openshift_gitops:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift GitOps
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-gitops-1/gitops-rhel8
CPEs
  • cpe:/a:redhat:openshift_gitops:1
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift GitOps
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-gitops-1/gitops-rhel8-operator
CPEs
  • cpe:/a:redhat:openshift_gitops:1
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift GitOps
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-gitops-1/gitops-rhel9
CPEs
  • cpe:/a:redhat:openshift_gitops:1
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift GitOps
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-gitops-1/gitops-rhel9-operator
CPEs
  • cpe:/a:redhat:openshift_gitops:1
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift on AWS
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rosa
CPEs
  • cpe:/a:redhat:openshift_service_on_aws:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenShift Virtualization 4
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
kubevirt
CPEs
  • cpe:/a:redhat:container_native_virtualization:4
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenStack Platform 16.2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
golang-googlecode-go-crypto
CPEs
  • cpe:/a:redhat:openstack:16.2
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenStack Platform 16.2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhosp-rhel8/osp-director-agent
CPEs
  • cpe:/a:redhat:openstack:16.2
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenStack Platform 16.2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhosp-rhel8/osp-director-operator
CPEs
  • cpe:/a:redhat:openstack:16.2
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenStack Platform 16.2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhosp-rhel8/osp-director-operator-bundle
CPEs
  • cpe:/a:redhat:openstack:16.2
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenStack Platform 17.1
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhosp-rhel9/osp-director-agent
CPEs
  • cpe:/a:redhat:openstack:17.1
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenStack Platform 17.1
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhosp-rhel9/osp-director-operator
CPEs
  • cpe:/a:redhat:openstack:17.1
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenStack Platform 17.1
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhosp-rhel9/osp-director-operator-bundle
CPEs
  • cpe:/a:redhat:openstack:17.1
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenStack Platform 18.0
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoso-operators/octavia-rhel9-operator
CPEs
  • cpe:/a:redhat:openstack:18.0
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat OpenStack Platform 18.0
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhoso-operators/prometheus-podman-exporter-rhel9
CPEs
  • cpe:/a:redhat:openstack:18.0
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Quay 3
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
quay/quay-builder-rhel9
CPEs
  • cpe:/a:redhat:quay:3
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Artifact Signer
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhtas/model-transparency-cli-rhel9
CPEs
  • cpe:/a:redhat:trusted_artifact_signer:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Artifact Signer
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhtas/model-validation-agent-rhel9
CPEs
  • cpe:/a:redhat:trusted_artifact_signer:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Artifact Signer
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhtas/policy-controller-rhel9
CPEs
  • cpe:/a:redhat:trusted_artifact_signer:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Artifact Signer
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhtas/rhtas-console-rhel9
CPEs
  • cpe:/a:redhat:trusted_artifact_signer:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Security Profiles Operator
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
compliance/openshift-security-profiles-operator-bundle
CPEs
  • cpe:/a:redhat:openshift_security_profiles_operator:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Security Profiles Operator
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
compliance/openshift-security-profiles-rhel8-operator
CPEs
  • cpe:/a:redhat:openshift_security_profiles_operator:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Zero Trust Workload Identity Manager
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
zero-trust-workload-identity-manager/spiffe-spire-agent-rhel9
CPEs
  • cpe:/a:redhat:zero_trust_workload_identity_manager:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Zero Trust Workload Identity Manager
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
zero-trust-workload-identity-manager/spiffe-spire-oidc-discovery-provider-rhel9
CPEs
  • cpe:/a:redhat:zero_trust_workload_identity_manager:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Zero Trust Workload Identity Manager
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
zero-trust-workload-identity-manager/spiffe-spire-server-rhel9
CPEs
  • cpe:/a:redhat:zero_trust_workload_identity_manager:1
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Zero Trust Workload Identity Manager - Tech Preview
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
zero-trust-workload-identity-manager/spiffe-spire-agent-rhel9
CPEs
  • cpe:/a:redhat:zero_trust_workload_identity_manager:0
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Zero Trust Workload Identity Manager - Tech Preview
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
zero-trust-workload-identity-manager/spiffe-spire-oidc-discovery-provider-rhel9
CPEs
  • cpe:/a:redhat:zero_trust_workload_identity_manager:0
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Zero Trust Workload Identity Manager - Tech Preview
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
zero-trust-workload-identity-manager/spiffe-spire-server-rhel9
CPEs
  • cpe:/a:redhat:zero_trust_workload_identity_manager:0
Default Status
affected
Problem Types
TypeCWE IDDescription
CWECWE-476NULL Pointer Dereference
Type: CWE
CWE ID: CWE-476
Description: NULL Pointer Dereference
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Red Hat severity rating
value:
Important
namespace:
https://access.redhat.com/security/updates/classification/
Impacts
CAPEC IDDescription
Solutions

RHSA-2026:41019: RHEM 1.1 for RHEL 10, RHEM 1.1 for RHEL 9

RHSA-2026:36796: RHEM 1.0 for RHEL 9

RHSA-2026:36199: Red Hat Enterprise Linux AppStream (v. 10)

RHSA-2026:37072: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)

RHSA-2026:38504: Red Hat Enterprise Linux AppStream (v. 8)

RHSA-2026:37410: Red Hat Enterprise Linux AppStream (v. 9)

RHSA-2026:37123: Red Hat Enterprise Linux AppStream (v. 9)

RHSA-2026:26547: Red Hat Advanced Cluster Security for Kubernetes 4.10

RHSA-2026:36625: Red Hat Advanced Cluster Security for Kubernetes 4.10

RHSA-2026:36207: Red Hat Advanced Cluster Security for Kubernetes 4.11

RHSA-2026:26546: Red Hat Advanced Cluster Security for Kubernetes 4.9

RHSA-2026:36319: Red Hat Advanced Cluster Security for Kubernetes 4.9

RHSA-2026:36651: Red Hat Edge Manager 1.0

RHSA-2026:40945: Red Hat Edge Manager 1.1

RHSA-2026:40118: Red Hat Edge Manager 1.1

RHSA-2026:36648: Red Hat OpenShift Builds 1.7.4

RHSA-2026:41036: Red Hat OpenShift Builds 1.8.1

RHSA-2026:37387: Red Hat Openshift Data Foundation 4.22

RHSA-2026:41031: Red Hat Quay 3.10

RHSA-2026:41066: Red Hat Quay 3.16

RHSA-2026:40262: Red Hat Quay 3.9

RHSA-2026:40972: Red Hat Trusted Artifact Signer 1.3

RHSA-2026:40974: Red Hat Trusted Artifact Signer 1.3

RHSA-2026:40969: Red Hat Trusted Artifact Signer 1.3

RHSA-2026:36797: Red Hat Trusted Artifact Signer 1.4

RHSA-2026:37271: Red Hat Trusted Artifact Signer 1.4

RHSA-2026:37268: Red Hat Trusted Artifact Signer 1.4

RHSA-2026:37272: Red Hat Trusted Artifact Signer 1.4

RHSA-2026:37286: Red Hat Trusted Artifact Signer 1.4

RHSA-2026:37296: Red Hat Trusted Artifact Signer 1.4

Configurations

Workarounds

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.

Exploits

Credits

Timeline
EventDate
Reported to Red Hat.2026-05-22 04:01:27
Made public.2026-05-22 02:31:26
Event: Reported to Red Hat.
Date: 2026-05-22 04:01:27
Event: Made public.
Date: 2026-05-22 02:31:26
Replaced By

Rejected Reason

References
HyperlinkResource
https://access.redhat.com/security/cve/CVE-2026-39835
vdb-entry
x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2480680
issue-tracking
x_refsource_REDHAT
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39835.json
x_sadp-csaf-vex
https://access.redhat.com/errata/RHSA-2026:41019
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:36796
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:36199
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:37072
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:38504
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:37410
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:37123
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:26547
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:36625
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:36207
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:26546
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:36319
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:36651
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:40945
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:40118
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:36648
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:41036
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:37387
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:41031
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:41066
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:40262
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:40972
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:40974
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:40969
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:36797
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:37271
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:37268
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:37272
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:37286
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:37296
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/security/cve/CVE-2026-39835
Resource:
vdb-entry
x_refsource_REDHAT
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=2480680
Resource:
issue-tracking
x_refsource_REDHAT
Hyperlink: https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39835.json
Resource:
x_sadp-csaf-vex
Hyperlink: https://access.redhat.com/errata/RHSA-2026:41019
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36796
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36199
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:37072
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:38504
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:37410
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:37123
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:26547
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36625
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36207
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:26546
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36319
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36651
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:40945
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:40118
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36648
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:41036
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:37387
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:41031
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:41066
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:40262
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:40972
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:40974
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:40969
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36797
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:37271
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:37268
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:37272
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:37286
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:37296
Resource:
vendor-advisory
x_refsource_REDHAT
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@golang.org
Published At:22 May, 2026 | 04:16
Updated At:17 Jul, 2026 | 13:18

SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an error instead of panicking when these callbacks are nil.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.15.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
N/A
Type: Secondary
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
CPE Matches

Go
golang
>>crypto>>Versions before 0.52.0(exclusive)
cpe:2.3:a:golang:crypto:*:*:*:*:*:go:*:*
Weaknesses
CWE IDTypeSource
CWE-295Primarynvd@nist.gov
CWE-476Secondary0b0ca135-0b70-47e7-9f44-1890c2a1c46c
CWE ID: CWE-295
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-476
Type: Secondary
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://go.dev/cl/781660security@golang.org
Issue Tracking
https://go.dev/issue/79563security@golang.org
Issue Tracking
https://groups.google.com/g/golang-announce/c/a082jnz-LvIsecurity@golang.org
Mailing List
https://pkg.go.dev/vuln/GO-2026-5015security@golang.org
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:265460b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:265470b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:361990b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:362070b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:363190b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:366250b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:366480b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:366510b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:367960b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:367970b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:370720b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:371230b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:372680b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:372710b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:372720b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:372860b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:372960b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:373870b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:374100b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:385040b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:401180b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:402620b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:409450b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:409690b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:409720b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:409740b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:410190b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:410310b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:410360b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:410660b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/security/cve/CVE-2026-398350b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=24806800b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39835.json0b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
Hyperlink: https://go.dev/cl/781660
Source: security@golang.org
Resource:
Issue Tracking
Hyperlink: https://go.dev/issue/79563
Source: security@golang.org
Resource:
Issue Tracking
Hyperlink: https://groups.google.com/g/golang-announce/c/a082jnz-LvI
Source: security@golang.org
Resource:
Mailing List
Hyperlink: https://pkg.go.dev/vuln/GO-2026-5015
Source: security@golang.org
Resource:
Vendor Advisory
Hyperlink: https://access.redhat.com/errata/RHSA-2026:26546
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:26547
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36199
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36207
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36319
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36625
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36648
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36651
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36796
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:36797
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:37072
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:37123
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:37268
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:37271
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:37272
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:37286
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:37296
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:37387
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:37410
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:38504
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:40118
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:40262
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:40945
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:40969
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:40972
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:40974
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:41019
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:41031
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:41036
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:41066
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/security/cve/CVE-2026-39835
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=2480680
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39835.json
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1421Records found

CVE-2023-6356
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-1.45% / 70.39%
||
7 Day CHG~0.00%
Published-07 Feb, 2024 | 21:04
Updated-06 Nov, 2025 | 21:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kernel: null pointer dereference in nvmet_tcp_build_iovec

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service.

Action-Not Available
Vendor-Linux Kernel Organization, IncRed Hat, Inc.Debian GNU/Linux
Product-enterprise_linuxenterprise_linux_euscodeready_linux_builder_for_arm64_euscodeready_linux_builder_for_ibm_z_systems_euscodeready_linux_builder_eusenterprise_linux_for_real_time_for_nfventerprise_linux_for_arm_64_eusvirtualization_hostenterprise_linux_server_ausdebian_linuxcodeready_linux_builder_eus_for_power_little_endian_eusenterprise_linux_for_ibm_z_systems_eusenterprise_linux_for_power_little_endian_eusenterprise_linux_server_tuslinux_kernelenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsenterprise_linux_for_real_timeRed Hat Enterprise Linux 9RHOL-5.8-RHEL-9Red Hat Enterprise Linux 6Red Hat Virtualization 4 for Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9.2 Extended Update SupportRed Hat Enterprise Linux 8Red Hat Enterprise Linux 8.6 Extended Update SupportRed Hat Enterprise Linux 7Red Hat Enterprise Linux 8.8 Extended Update Support
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2026-7262
Matching Score-10
Assigner-PHP Group
ShareView Details
Matching Score-10
Assigner-PHP Group
CVSS Score-2.9||LOW
EPSS-0.78% / 51.83%
||
7 Day CHG~0.00%
Published-10 May, 2026 | 04:00
Updated-15 Jul, 2026 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NULL pointer dereference in SOAP apache:Map decoder with missing <value>

In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, when a SOAP server has a typemap configured, the decoding process contains a mistake which checks the wrong variable in case of missing value element.  This leads to dereferences a NULL pointer, causing a segmentation fault. This allows a remote unauthenticated attacker to crash the PHP SOAP server process, resulting in denial of service.

Action-Not Available
Vendor-Red Hat, Inc.The PHP Group
Product-phpPHPRed Hat Enterprise Linux 9Red Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat Enterprise Linux 8Red Hat Enterprise Linux 10Red Hat Hardened Images
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-32913
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.79% / 52.19%
||
7 Day CHG+0.06%
Published-14 Apr, 2025 | 13:37
Updated-29 Jun, 2026 | 21:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Libsoup: null pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in content-disposition header

A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Enterprise Linux 8.4 Telecommunications Update ServiceRed Hat Enterprise Linux 8.4 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.4 Extended Update SupportRed Hat Enterprise Linux 9Red Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat Enterprise Linux 8.8 Extended Update SupportRed Hat Enterprise Linux 9.2 Extended Update SupportRed Hat Enterprise Linux 10Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 6Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat Enterprise Linux 7 Extended Lifecycle SupportRed Hat Enterprise Linux 8Red Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat Enterprise Linux 8.6 Update Services for SAP Solutions
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-32909
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.49% / 39.17%
||
7 Day CHG+0.03%
Published-14 Apr, 2025 | 14:42
Updated-30 Jun, 2026 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Libsoup: null pointer dereference on libsoup through function "sniff_mp4" in soup-content-sniffer.c

A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniff_mp4 function. The HTTP server may cause the libsoup client to crash.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Enterprise Linux 7Red Hat Enterprise Linux 9Red Hat Enterprise Linux 10Red Hat Enterprise Linux 8Red Hat Enterprise Linux 6
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2026-47220
Matching Score-10
Assigner-GitHub, Inc.
ShareView Details
Matching Score-10
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.66% / 47.67%
||
7 Day CHG~0.00%
Published-26 Jun, 2026 | 18:02
Updated-15 Jul, 2026 | 02:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Envoy: Segmentation fault when using %REQUESTED_SERVER_NAME% in log format

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, when the %REQUESTED_SERVER_NAME(X:Y)% is used in log format and host related options is specified, like HOST_FIRST, SNI_FIRST, it's possible to crash Envoy when the specified host header is missing in the request headers. This vulnerability is fixed in 1.37.5 and 1.38.3.

Action-Not Available
Vendor-envoyproxyenvoyproxyRed Hat, Inc.
Product-envoyenvoyOpenShift Service Mesh 2OpenShift Service Mesh 3
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2010-2222
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-1.35% / 68.35%
||
7 Day CHG~0.00%
Published-05 Nov, 2019 | 19:27
Updated-07 Aug, 2024 | 02:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The _ger_parse_control function in Red Hat Directory Server 8 and the 389 Directory Server allows attackers to cause a denial of service (NULL pointer dereference) via a crafted search query.

Action-Not Available
Vendor-Red Hat, Inc.
Product-389_directory_serverdirectory_serverRed Hat Directory Server
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2023-3354
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-1.61% / 73.18%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 16:16
Updated-13 Feb, 2025 | 16:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper i/o watch removal in tls handshake can lead to remote unauthenticated denial of service

A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QEMU cleans up the connection again, resulting in a NULL pointer dereference issue. This could allow a remote unauthenticated client to cause a denial of service.

Action-Not Available
Vendor-n/aRed Hat, Inc.QEMUFedora Project
Product-openstack_platformqemufedoraenterprise_linuxRed Hat Enterprise Linux 6Red Hat Enterprise Linux 8 Advanced VirtualizationExtra Packages for Enterprise LinuxRed Hat Enterprise Linux 7Red Hat Enterprise Linux 9Red Hat OpenStack Platform 13 (Queens)FedoraqemuRed Hat Enterprise Linux 8
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-16871
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-2.78% / 84.77%
||
7 Day CHG~0.00%
Published-30 Jul, 2019 | 16:19
Updated-05 Aug, 2024 | 10:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.

Action-Not Available
Vendor-NetApp, Inc.Linux Kernel Organization, IncRed Hat, Inc.
Product-enterprise_linux_serverh300eenterprise_linux_server_eush500scloud_backupenterprise_linux_server_ausenterprise_linuxh410c_firmwareh300s_firmwareh410sh300sh300e_firmwaredeveloper_toolslinux_kernelh500emrg_realtimeenterprise_linux_workstationh410s_firmwareh500s_firmwareh500e_firmwareh700s_firmwareenterprise_linux_eush700eh410centerprise_linux_server_tush700e_firmwareh700senterprise_linux_desktopkernel:
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2023-32252
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-4.06% / 89.52%
||
7 Day CHG~0.00%
Published-24 Jul, 2023 | 15:19
Updated-27 Aug, 2024 | 19:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Session null pointer dereference denial-of-service vulnerability

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_LOGOFF commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.

Action-Not Available
Vendor-n/aNetApp, Inc.Fedora ProjectLinux Kernel Organization, IncRed Hat, Inc.
Product-linux_kernelh500sh410s_firmwareh700s_firmwareh300s_firmwareh500s_firmwareh410c_firmwareh410sh410ch300sh700sRed Hat Enterprise Linux 9kernelRed Hat Enterprise Linux 6Red Hat Enterprise Linux 8Red Hat Enterprise Linux 7Fedora
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-17075
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.77% / 84.74%
||
7 Day CHG~0.00%
Published-16 Sep, 2018 | 02:00
Updated-05 Aug, 2024 | 10:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The html package (aka x/net/html) before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of <template><object>, <template><applet>, or <template><marquee>. This is related to HTMLTreeBuilder.cpp in WebKit.

Action-Not Available
Vendor-n/aFedora ProjectGo
Product-fedoranetn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2023-32248
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-4.06% / 89.52%
||
7 Day CHG~0.00%
Published-24 Jul, 2023 | 15:19
Updated-02 Aug, 2024 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tree connection null pointer dereference denial-of-service vulnerability

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_TREE_CONNECT and SMB2_QUERY_INFO commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.

Action-Not Available
Vendor-n/aNetApp, Inc.Fedora ProjectLinux Kernel Organization, IncRed Hat, Inc.
Product-linux_kernelh500sh410sh410ch300sh700sRed Hat Enterprise Linux 9kernelRed Hat Enterprise Linux 6Red Hat Enterprise Linux 8Red Hat Enterprise Linux 7Fedora
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-7006
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-1.52% / 71.69%
||
7 Day CHG~0.00%
Published-08 Aug, 2024 | 20:49
Updated-23 Jan, 2026 | 17:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Libtiff: null pointer dereference in tif_dirinfo.c

A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentation fault. This can cause an application crash, eventually leading to a denial of service.

Action-Not Available
Vendor-Red Hat, Inc.LibTIFF
Product-enterprise_linuxenterprise_linux_server_ausenterprise_linux_for_power_little_endian_euslibtiffenterprise_linux_for_arm_64Red Hat Enterprise Linux 6Red Hat Enterprise Linux 9Red Hat Enterprise Linux 9.2 Extended Update SupportRed Hat Enterprise Linux 8Red Hat Enterprise Linux 10Red Hat Enterprise Linux 7
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-29652
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.23% / 86.84%
||
7 Day CHG~0.00%
Published-17 Dec, 2020 | 04:12
Updated-04 Aug, 2024 | 16:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.

Action-Not Available
Vendor-n/aGo
Product-sshn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2026-32281
Matching Score-10
Assigner-Go Project
ShareView Details
Matching Score-10
Assigner-Go Project
CVSS Score-7.5||HIGH
EPSS-0.35% / 27.15%
||
7 Day CHG~0.00%
Published-08 Apr, 2026 | 01:06
Updated-16 Apr, 2026 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Inefficient policy validation in crypto/x509

Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.

Action-Not Available
Vendor-Go standard libraryGo
Product-gocrypto/x509
CWE ID-CWE-295
Improper Certificate Validation
CVE-2026-3238
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-2.67% / 84.06%
||
7 Day CHG~0.00%
Published-08 Jun, 2026 | 07:34
Updated-15 Jul, 2026 | 02:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Samba: denial of service against ad dc wins server

A flaw was found in Samba’s WINS server component when running as an Active Directory Domain Controller. The WINS protocol handlers for certain request types did not properly validate incoming packets, allowing an unauthenticated remote attacker to trigger a NULL pointer dereference and crash the WINS service using specially crafted UDP packets.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Enterprise Linux 9Red Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat Enterprise Linux 8Red Hat Enterprise Linux 10Red Hat OpenShift Container Platform 4Red Hat Enterprise Linux 9Red Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat Enterprise Linux 8Red Hat Enterprise Linux 10Red Hat OpenShift Container Platform 4
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2026-29785
Matching Score-10
Assigner-GitHub, Inc.
ShareView Details
Matching Score-10
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.66% / 47.40%
||
7 Day CHG~0.00%
Published-25 Mar, 2026 | 19:38
Updated-15 Jul, 2026 | 02:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NATS Server panic via malicious compression on leafnode port

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.14 and 2.12.5, if the nats-server has the "leafnode" configuration enabled (not default), then anyone who can connect can crash the nats-server by triggering a panic. This happens pre-authentication and requires that compression be enabled (which it is, by default, when leafnodes are used). Versions 2.11.14 and 2.12.5 contain a fix. As a workaround, disable compression on the leafnode port.

Action-Not Available
Vendor-nats-ioRed Hat, Inc.The Linux Foundation
Product-nats-servernats-serverMulticluster Global Hub 1.5.4Multicluster Global Hub 1.6.2Multicluster Global Hub 1.4.5Red Hat OpenShift Container Platform 4
CWE ID-CWE-409
Improper Handling of Highly Compressed Data (Data Amplification)
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2026-27651
Matching Score-10
Assigner-F5, Inc.
ShareView Details
Matching Score-10
Assigner-F5, Inc.
CVSS Score-8.7||HIGH
EPSS-0.92% / 56.31%
||
7 Day CHG~0.00%
Published-24 Mar, 2026 | 14:13
Updated-15 Jul, 2026 | 02:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NGINX ngx_mail_auth_http_module vulnerability

When the ngx_mail_auth_http_module module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occur when (1) CRAM-MD5 or APOP authentication is enabled, and (2) the authentication server permits retry by returning the Auth-Wait response header. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.Red Hat, Inc.
Product-nginx_plusnginx_open_sourceNGINX Open SourceNGINX PlusRed Hat Enterprise Linux 9Red Hat Enterprise Linux 9.2 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.6 Extended Update SupportRed Hat Enterprise Linux 8Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.4 Extended Update SupportRed Hat Update Infrastructure 5Red Hat Enterprise Linux 10Red Hat Enterprise Linux 10.0 Extended Update SupportRed Hat Hardened Images
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2026-27137
Matching Score-10
Assigner-Go Project
ShareView Details
Matching Score-10
Assigner-Go Project
CVSS Score-7.5||HIGH
EPSS-0.61% / 45.05%
||
7 Day CHG~0.00%
Published-06 Mar, 2026 | 21:28
Updated-17 Jul, 2026 | 13:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect enforcement of email constraints in crypto/x509

When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.

Action-Not Available
Vendor-Go standard libraryRed Hat, Inc.Go
Product-gocrypto/x509Red Hat Openshift Data Foundation 4Zero Trust Workload Identity Manager - Tech PreviewRed Hat Quay 3Red Hat OpenShift distributed tracing 3.9.3Machine Deletion Remediation OperatorRed Hat OpenShift GitOps 1.18mirror registry for Red Hat OpenShift 2Service Telemetry Framework 1.5Red Hat Developer HubRed Hat Connectivity Link 1Red Hat Quay 3.16Multicluster Engine for KubernetesDeployment Validation OperatorZero Trust Workload Identity ManagerLogging Subsystem for Red Hat OpenShift 6.4Red Hat OpenShift Builds 1.6.5Logging Subsystem for Red Hat OpenShift 6.0streams for Apache Kafka 3Multicluster Global Hub 1.5.4Red Hat 3scale API Management Platform 2External Secrets Operator for Red Hat OpenShiftRed Hat OpenShift on AWSRed Hat Web Terminal 1.15Network Observability Operatorcert-manager Operator for Red Hat OpenShiftRed Hat OpenShift Cluster Manager CLIRHEM 1.1 for RHEL 9Red Hat Enterprise Linux 7Red Hat OpenStack Platform 18.0Gatekeeper 3Migration Toolkit for ContainersRed Hat Enterprise Linux 10Node HealthCheck OperatorRed Hat Enterprise Linux 9OpenShift Service Mesh 3Red Hat Enterprise Linux 8Red Hat Ansible Automation Platform 2Red Hat build of Apache Camel - HawtIO 4Red Hat OpenShift GitOps 1.20Logging Subsystem for Red Hat OpenShift 6.2Compliance OperatorRed Hat Advanced Cluster Security 4OpenShift ServerlessMigration Toolkit for Applications 8OpenShift LightspeedRHEM 1.0 for RHEL 9Power monitoring for Red Hat OpenShiftRed Hat Ansible Automation Platform 2.6Red Hat OpenShift AI 2.25Red Hat Service Interconnect 2Red Hat OpenStack Platform 17.1 for RHEL 9OpenShift Developer Tools and ServicesRed Hat OpenStack Platform 16.2Red Hat Web Terminal 1.14Red Hat OpenShift Builds 1.7.4DevWorkspace Operator 0.4ExternalDNS OperatorRed Hat Advanced Cluster Management for Kubernetes 2.15Red Hat Satellite 6.18OpenShift PipelinesFile Integrity OperatorSecurity Profiles OperatorRed Hat Certification Program for Red Hat Enterprise Linux 9Red Hat Web Terminal 1.11Red Hat Trusted Artifact Signer 1.3RHEM 1.1 for RHEL 10Red Hat Satellite 6Red Hat Enterprise Linux 10.0 Extended Update SupportRed Hat Lightspeed (formerly Insights) for Runtimes 1Red Hat Web Terminal 1.13Red Hat OpenShift AI (RHOAI)Confidential Compute Attestationmirror registry for Red Hat OpenShiftOpenShift Service Mesh 2Red Hat Edge Manager 1Multicluster Global Hub 1.3.4Multicluster Global Hub 1.6.2Logical Volume Manager StorageRed Hat Web Terminal 1.12Fence Agents Remediation OperatorMulticluster Global Hub 1.4.5Logging Subsystem for Red Hat OpenShiftRed Hat Enterprise Linux AI (RHEL AI) 3Red Hat Service Interconnect 1Red Hat Enterprise Linux 9.6 Extended Update SupportOpenShift API for Data Protection 1.4Red Hat OpenShift Dev Spaces 3.27Cryostat 4Red Hat OpenShift Virtualization 4OpenShift API for Data Protection 1.5Red Hat OpenShift GitOps 1.19Red Hat OpenShift for Windows ContainersRed Hat OpenStack Platform 17.1Assisted Installer for Red Hat OpenShift Container Platform 2Red Hat OpenStack Services on OpenShift 18.0Custom Metric Autoscaler operator for Red Hat OpenshiftRed Hat Hardened ImagesRed Hat OpenShift Container Platform 4
CWE ID-CWE-295
Improper Certificate Validation
CVE-2022-27536
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.42% / 69.92%
||
7 Day CHG~0.00%
Published-20 Apr, 2022 | 00:00
Updated-03 Aug, 2024 | 05:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when presented with certain malformed certificates. This allows a remote TLS server to cause a TLS client to panic.

Action-Not Available
Vendor-n/aApple Inc.Go
Product-gomacosn/a
CWE ID-CWE-295
Improper Certificate Validation
CVE-2026-21945
Matching Score-10
Assigner-Oracle
ShareView Details
Matching Score-10
Assigner-Oracle
CVSS Score-7.5||HIGH
EPSS-0.86% / 54.57%
||
7 Day CHG~0.00%
Published-20 Jan, 2026 | 21:56
Updated-15 Jul, 2026 | 02:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17 and 21.0.9; Oracle GraalVM Enterprise Edition: 21.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle CorporationSiemens AGRed Hat, Inc.
Product-graalvm_for_jdkjrejdkgraalvmOracle GraalVM Enterprise EditionOracle GraalVM for JDKOracle Java SERed Hat Enterprise Linux 8.6 Update Services for SAP SolutionsRed Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsTemurin Build of OpenJDK 25.0.2Red Hat Enterprise Linux 9.4 Extended Update SupportRed Hat Build of OpenJDK 8u482Red Hat OpenJDK 11 els for RHEL 9Red Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat Enterprise Linux 10SIMATIC CN 4100Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.8 Telecommunications Update ServiceRed Hat Build of OpenJDK 25.0.2Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnRed Hat Enterprise Linux 9Red Hat Enterprise Linux 9.2 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.6 Extended Update SupportRed Hat Enterprise Linux 8OPENJDK ELS 11.0.30Red Hat Enterprise Linux 7 Extended Lifecycle SupportRed Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRed Hat OpenJDK 11 els for RHEL 8Red Hat Enterprise Linux 10.0 Extended Update SupportRed Hat Build of OpenJDK 21.0.10Red Hat OpenJDK 11 els for RHEL 7Red Hat Build of OpenJDK 17.0.18
CWE ID-CWE-295
Improper Certificate Validation
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2026-1584
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-1.38% / 69.08%
||
7 Day CHG~0.00%
Published-09 Apr, 2026 | 18:00
Updated-15 Jul, 2026 | 02:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gnutls: gnutls: remote denial of service via crafted clienthello with invalid psk binder

A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key (PSK) binder value during the TLS handshake. This can lead to a NULL pointer dereference, causing the server to crash and resulting in a remote Denial of Service (DoS) condition.

Action-Not Available
Vendor-Red Hat, Inc.GNU
Product-hardened_imagesgnutlsRed Hat Enterprise Linux 9Red Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat Enterprise Linux 8Red Hat Enterprise Linux 10Red Hat Hardened ImagesRed Hat OpenShift Container Platform 4Red Hat Enterprise Linux 9Red Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat Enterprise Linux 8Red Hat Enterprise Linux 10Red Hat Hardened ImagesRed Hat OpenShift Container Platform 4
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2026-11788
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.35% / 26.88%
||
7 Day CHG~0.00%
Published-09 Jun, 2026 | 13:02
Updated-30 Jun, 2026 | 09:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
389-ds-base: 389-ds-base: null pointer dereference in deref control plugin ber parser

A flaw was found in 389 Directory Server. The dereference control plugin does not check for allocation failure before using a BER structure, allowing an unauthenticated remote attacker to crash the LDAP server when the system is under memory pressure.

Action-Not Available
Vendor-Red Hat, Inc.
Product-directory_server389_directory_serverenterprise_linuxRed Hat Directory Server 11Red Hat Directory Server 13Red Hat Enterprise Linux 7Red Hat Enterprise Linux 9Red Hat Enterprise Linux 6Red Hat Enterprise Linux 10Red Hat Enterprise Linux 8Red Hat Directory Server 12
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2023-6536
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-1.54% / 72.06%
||
7 Day CHG~0.00%
Published-07 Feb, 2024 | 21:05
Updated-06 Nov, 2025 | 21:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kernel: null pointer dereference in __nvmet_req_complete

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.

Action-Not Available
Vendor-Linux Kernel Organization, IncRed Hat, Inc.Debian GNU/Linux
Product-enterprise_linuxenterprise_linux_euscodeready_linux_builder_for_arm64_euscodeready_linux_builder_for_ibm_z_systems_euscodeready_linux_builder_eusenterprise_linux_for_real_time_for_nfventerprise_linux_for_arm_64_eusvirtualization_hostenterprise_linux_server_ausdebian_linuxcodeready_linux_builder_eus_for_power_little_endian_eusenterprise_linux_for_ibm_z_systems_eusenterprise_linux_for_power_little_endian_euslinux_kernelenterprise_linux_server_tusenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsenterprise_linux_for_real_timeRed Hat Enterprise Linux 9RHOL-5.8-RHEL-9Red Hat Enterprise Linux 6Red Hat Virtualization 4 for Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9.2 Extended Update SupportRed Hat Enterprise Linux 8Red Hat Enterprise Linux 8.6 Extended Update SupportRed Hat Enterprise Linux 7Red Hat Enterprise Linux 8.8 Extended Update Support
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2023-6535
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-1.55% / 72.31%
||
7 Day CHG~0.00%
Published-07 Feb, 2024 | 21:04
Updated-06 Nov, 2025 | 21:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kernel: null pointer dereference in nvmet_tcp_execute_request

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.

Action-Not Available
Vendor-Linux Kernel Organization, IncRed Hat, Inc.
Product-enterprise_linuxenterprise_linux_euscodeready_linux_builder_for_arm64_euscodeready_linux_builder_for_ibm_z_systems_euscodeready_linux_builder_eusenterprise_linux_for_real_time_for_nfventerprise_linux_for_arm_64_eusvirtualization_hostenterprise_linux_server_auscodeready_linux_builder_eus_for_power_little_endian_eusenterprise_linux_for_ibm_z_systems_eusenterprise_linux_for_power_little_endian_euslinux_kernelenterprise_linux_server_tusenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsenterprise_linux_for_real_timeRed Hat Enterprise Linux 9RHOL-5.8-RHEL-9Red Hat Enterprise Linux 6Red Hat Virtualization 4 for Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9.2 Extended Update SupportRed Hat Enterprise Linux 8Red Hat Enterprise Linux 8.6 Extended Update SupportRed Hat Enterprise Linux 7Red Hat Enterprise Linux 8.8 Extended Update Support
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2026-12329
Matching Score-10
Assigner-Mozilla Corporation
ShareView Details
Matching Score-10
Assigner-Mozilla Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.33% / 24.69%
||
7 Day CHG~0.00%
Published-16 Jun, 2026 | 11:53
Updated-15 Jul, 2026 | 12:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Memory safety bug fixed in Thunderbird ESR 140.12

Memory safety bug fixed in Thunderbird ESR 140.12. This vulnerability was fixed in Firefox ESR 140.12 and Thunderbird 140.12.

Action-Not Available
Vendor-Red Hat, Inc.Mozilla Corporation
Product-thunderbirdfirefoxThunderbirdFirefoxRed Hat Enterprise Linux 7Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-OnRed Hat Enterprise Linux 6Red Hat Enterprise Linux 10Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.8 Telecommunications Update ServiceRed Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnRed Hat Enterprise Linux 9Red Hat Enterprise Linux 9.2 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.6 Extended Update SupportRed Hat Enterprise Linux 8Red Hat Enterprise Linux 7 Extended Lifecycle SupportRed Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRed Hat Enterprise Linux 10.0 Extended Update SupportRed Hat Enterprise Linux 9.4 Update Services for SAP Solutions
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-416
Use After Free
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-17142
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.81% / 84.93%
||
7 Day CHG~0.00%
Published-17 Sep, 2018 | 14:00
Updated-05 Aug, 2024 | 10:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The html package (aka x/net/html) through 2018-09-17 in Go mishandles <math><template><mo><template>, leading to a "panic: runtime error" in parseCurrentToken in parse.go during an html.Parse call.

Action-Not Available
Vendor-n/aFedora ProjectGo
Product-fedoranetn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-61729
Matching Score-10
Assigner-Go Project
ShareView Details
Matching Score-10
Assigner-Go Project
CVSS Score-7.5||HIGH
EPSS-0.46% / 36.95%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 18:54
Updated-19 Dec, 2025 | 18:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Excessive resource consumption when printing error string for host certificate validation in crypto/x509

Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.

Action-Not Available
Vendor-Go standard libraryGo
Product-gocrypto/x509
CWE ID-CWE-295
Improper Certificate Validation
CVE-2025-58188
Matching Score-10
Assigner-Go Project
ShareView Details
Matching Score-10
Assigner-Go Project
CVSS Score-7.5||HIGH
EPSS-0.36% / 28.40%
||
7 Day CHG~0.00%
Published-29 Oct, 2025 | 22:10
Updated-29 Jan, 2026 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Panic when validating certificates with DSA public keys in crypto/x509

Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal method. This affects programs which validate arbitrary certificate chains.

Action-Not Available
Vendor-Go standard libraryGo
Product-gocrypto/x509
CWE ID-CWE-295
Improper Certificate Validation
CVE-2020-7919
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.58% / 83.49%
||
7 Day CHG~0.00%
Published-16 Mar, 2020 | 20:55
Updated-04 Aug, 2024 | 09:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Go before 1.12.16 and 1.13.x before 1.13.7 (and the crypto/cryptobyte package before 0.0.0-20200124225646-8b5121be2f68 for Go) allows attacks on clients (resulting in a panic) via a malformed X.509 certificate.

Action-Not Available
Vendor-n/aNetApp, Inc.Fedora ProjectGoDebian GNU/Linux
Product-gocloud_insights_telegrafdebian_linuxfedoran/a
CWE ID-CWE-295
Improper Certificate Validation
CVE-2020-28362
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.81% / 88.87%
||
7 Day CHG~0.00%
Published-18 Nov, 2020 | 16:27
Updated-04 Aug, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service.

Action-Not Available
Vendor-n/aNetApp, Inc.Fedora ProjectGo
Product-gocloud_insights_telegraf_agentfedoratridentn/a
CWE ID-CWE-295
Improper Certificate Validation
CVE-2020-1730
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-3.06% / 86.14%
||
7 Day CHG~0.00%
Published-13 Apr, 2020 | 00:00
Updated-04 Aug, 2024 | 06:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The biggest threat from this vulnerability is system availability.

Action-Not Available
Vendor-libsshRed Hat, Inc.NetApp, Inc.Canonical Ltd.Oracle CorporationFedora Project
Product-ubuntu_linuxcloud_backupfedoraenterprise_linuxlibsshmysql_workbenchlibssh
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-5971
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-2.72% / 84.36%
||
7 Day CHG~0.00%
Published-08 Jul, 2024 | 20:51
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Undertow: response write hangs in case of java 17 tlsv1.3 newsessionticket

A vulnerability was found in Undertow, where the chunked response hangs after the body was flushed. The response headers and body were sent but the client would continue waiting as Undertow does not send the expected 0\r\n termination of the chunked response. This results in uncontrolled resource consumption, leaving the server side to a denial of service attack. This happens only with Java 17 TLSv1.3 scenarios.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Data Grid 8Red Hat build of QuarkusRed Hat Single Sign-On 7Red Hat Integration Camel K 1Red Hat build of Apache Camel 4.4.2 for Spring BootRed Hat JBoss Enterprise Application Platform 7.4 for RHEL 8Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat JBoss Enterprise Application Platform 7.4 for RHEL 9Red Hat build of Apache Camel - HawtIO 4Red Hat Fuse 7Red Hat JBoss Enterprise Application Platform 7Red Hat Process Automation 7Red Hat JBoss Data Grid 7Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7Red Hat JBoss Enterprise Application Platform 8Red Hat Build of KeycloakRed Hat build of Apache Camel 3.20.7 for Spring BootRed Hat build of Apache Camel 4.4.1 for Spring Boot 3.2Red Hat build of Apache Camel for Spring Boot 3
CWE ID-CWE-674
Uncontrolled Recursion
CVE-2023-34967
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-62.61% / 99.10%
||
7 Day CHG~0.00%
Published-20 Jul, 2023 | 14:57
Updated-20 Nov, 2025 | 17:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Samba: type confusion in mdssvc rpc service for spotlight

A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in the mdssvc protocol. Due to a lack of type checking in callers of the dalloc_value_for_key() function, which returns the object associated with a key, a caller may trigger a crash in talloc_get_size() when talloc detects that the passed-in pointer is not a valid talloc pointer. With an RPC worker process shared among multiple client connections, a malicious client or attacker can trigger a process crash in a shared RPC mdssvc worker process, affecting all other clients this worker serves.

Action-Not Available
Vendor-Red Hat, Inc.Fedora ProjectDebian GNU/LinuxSamba
Product-sambadebian_linuxfedoraenterprise_linuxRed Hat Enterprise Linux 8.8 Extended Update SupportRed Hat Virtualization 4 for Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9Red Hat Enterprise Linux 8.6 Extended Update SupportRed Hat Storage 3Red Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat Enterprise Linux 8
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2026-8177
Matching Score-8
Assigner-CPAN Security Group
ShareView Details
Matching Score-8
Assigner-CPAN Security Group
CVSS Score-7.5||HIGH
EPSS-0.63% / 46.12%
||
7 Day CHG+0.10%
Published-10 May, 2026 | 20:48
Updated-15 Jul, 2026 | 14:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences

XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences. A node name ending in the middle of a multi byte UTF-8 sequence causes the parser to read past the end of the input string into adjacent heap memory. Any Perl process that passes attacker controlled strings to XML::LibXML's DOM node-name methods can reach this path on the default API. The likely consequence is a crash, causing denial of service.

Action-Not Available
Vendor-SHLOMIFRed Hat, Inc.
Product-XML::LibXMLRed Hat Enterprise Linux 9Red Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat Enterprise Linux 8Red Hat Enterprise Linux 10Red Hat OpenShift Container Platform 4
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-34966
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-62.02% / 99.08%
||
7 Day CHG~0.00%
Published-20 Jul, 2023 | 14:56
Updated-20 Nov, 2025 | 17:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Samba: infinite loop in mdssvc rpc service for spotlight

An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets sent by the client, the core unmarshalling function sl_unpack_loop() did not validate a field in the network packet that contains the count of elements in an array-like structure. By passing 0 as the count value, the attacked function will run in an endless loop consuming 100% CPU. This flaw allows an attacker to issue a malformed RPC request, triggering an infinite loop, resulting in a denial of service condition.

Action-Not Available
Vendor-Red Hat, Inc.Fedora ProjectDebian GNU/LinuxSamba
Product-sambadebian_linuxfedoraenterprise_linuxRed Hat Enterprise Linux 8.8 Extended Update SupportRed Hat Virtualization 4 for Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9Red Hat Enterprise Linux 8.6 Extended Update SupportRed Hat Storage 3Red Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat Enterprise Linux 9.2 Extended Update SupportRed Hat Enterprise Linux 8
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2023-6780
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-2.71% / 84.33%
||
7 Day CHG~0.00%
Published-31 Jan, 2024 | 14:08
Updated-14 Jul, 2026 | 12:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Glibc: integer overflow in __vsyslog_internal()

An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer.

Action-Not Available
Vendor-n/aSiemens AGGNURed Hat, Inc.Fedora Project
Product-glibcfedoraglibcRed Hat Enterprise Linux 9Red Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat Enterprise Linux 8FedoraSIMATIC S7-1500 CPU 1518F-4 PN/DP MFPSIMATIC S7-1500 CPU 1518-4 PN/DP MFPSIPLUS S7-1500 CPU 1518-4 PN/DP MFP
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-10704
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-3.45% / 87.70%
||
7 Day CHG~0.00%
Published-06 May, 2020 | 00:00
Updated-04 Aug, 2024 | 11:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba handles certain requests as an Active Directory Domain Controller LDAP server, an unauthorized user can cause a stack overflow leading to a denial of service. The highest threat from this vulnerability is to system availability. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.

Action-Not Available
Vendor-Debian GNU/LinuxopenSUSESambaFedora ProjectRed Hat, Inc.
Product-sambadebian_linuxfedoraleapsamba
CWE ID-CWE-674
Uncontrolled Recursion
CVE-2023-3223
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-2.04% / 79.02%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 13:54
Updated-02 Aug, 2024 | 06:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Undertow: outofmemoryerror due to @multipartconfig handling

A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service (DoS) attack. If the server uses fileSizeThreshold to limit the file size, it's possible to bypass the limit by setting the file name in the request to null.

Action-Not Available
Vendor-Red Hat, Inc.
Product-single_sign-onopenshift_container_platformenterprise_linuxundertowopenshift_container_platform_for_powerjboss_enterprise_application_platformjboss_enterprise_application_platform_text-only_advisoriesopenshift_container_platform_for_ibm_linuxoneRed Hat Single Sign-On 7.6 for RHEL 7Red Hat support for Spring BootRed Hat Process Automation 7Red Hat Single Sign-On 7.6 for RHEL 9Red Hat JBoss Enterprise Application Platform 7.1.0Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9Red Hat Single Sign-On 7.6.5Red Hat Data Grid 8Red Hat JBoss Data Grid 7RHEL-8 based Middleware ContainersRed Hat OpenStack Platform 13 (Queens) Operational ToolsRed Hat Integration Service RegistryRed Hat Integration Camel KRed Hat JBoss Enterprise Application Platform 7.4 on RHEL 7Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8Red Hat Decision Manager 7Red Hat Single Sign-On 7.6 for RHEL 8Red Hat JBoss Fuse 6Red Hat build of QuarkusRed Hat JBoss Enterprise Application Platform Expansion PackRed Hat Fuse 7.12.1
CWE ID-CWE-789
Memory Allocation with Excessive Size Value
CVE-2023-32247
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-3.87% / 89.03%
||
7 Day CHG~0.00%
Published-24 Jul, 2023 | 15:19
Updated-27 Aug, 2024 | 19:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Session setup memory exhaustion denial-of-service vulnerability

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_SESSION_SETUP commands. The issue results from the lack of control of resource consumption. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.

Action-Not Available
Vendor-n/aNetApp, Inc.Fedora ProjectLinux Kernel Organization, IncRed Hat, Inc.
Product-linux_kernelh500sh410sh300sh700sRed Hat Enterprise Linux 9kernelRed Hat Enterprise Linux 6Red Hat Enterprise Linux 8Red Hat Enterprise Linux 7Fedora
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2023-32255
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.47% / 37.89%
||
7 Day CHG~0.00%
Published-02 Aug, 2025 | 22:25
Updated-30 Jun, 2026 | 00:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kernel: memory leak via ksmbd session setup request with unknown ntlmssp message type

A flaw was found in the Linux kernel's ksmbd component. A memory leak can occur if a client sends a session setup request with an unknown NTLMSSP message type, potentially leading to resource exhaustion.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Enterprise Linux 7Red Hat Enterprise Linux 9Red Hat Enterprise Linux 10Red Hat Enterprise Linux 8Red Hat Enterprise Linux 6
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2023-3171
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.85% / 54.10%
||
7 Day CHG~0.00%
Published-27 Dec, 2023 | 15:45
Updated-02 Aug, 2024 | 06:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Eap-7: heap exhaustion via deserialization

A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.

Action-Not Available
Vendor-Red Hat, Inc.
Product-jboss_enterprise_application_platformenterprise_linuxRed Hat JBoss Enterprise Application Platform 7.4 on RHEL 7EAP 7.4.13Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9
CWE ID-CWE-789
Memory Allocation with Excessive Size Value
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2023-3153
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.99% / 58.70%
||
7 Day CHG~0.00%
Published-04 Oct, 2023 | 11:13
Updated-19 Sep, 2024 | 14:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Service monitor mac flow is not rate limited

A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate limit. This issue could allow an attacker to cause a denial of service, including on deployments with CoPP enabled and properly configured.

Action-Not Available
Vendor-ovnn/aRed Hat, Inc.Fedora Project
Product-open_virtual_networkopenshift_container_platformenterprise_linuxfast_datapathovnFast Datapath for RHEL 7Red Hat OpenStack Platform 13 (Queens)Fast Datapath for RHEL 9Red Hat OpenShift Container Platform 4Fast Datapath for RHEL 8Fedora
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2023-5685
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-3.48% / 87.79%
||
7 Day CHG~0.00%
Published-22 Mar, 2024 | 18:24
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Xnio: stackoverflowexception when the chain of notifier states becomes problematically big

A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS).

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Data Grid 8Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7Red Hat JBoss Fuse Service Works 6Red Hat Integration Camel K 1Red Hat Single Sign-On 7Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9Red Hat build of Apache Camel - HawtIO 4Red Hat build of Apache Camel 4.4.0 for Spring BootRed Hat JBoss Enterprise Application Platform 7Red Hat Process Automation 7Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7Red Hat Build of KeycloakRed Hat JBoss Data Grid 7Red Hat JBoss Enterprise Application Platform 8Red Hat build of Apache Camel for Spring Boot 3
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-54365
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-8.7||HIGH
EPSS-0.57% / 43.22%
||
7 Day CHG~0.00%
Published-23 Jun, 2026 | 12:12
Updated-15 Jul, 2026 | 02:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Traefik - Denial of Service via HTTP/2 Request Handling

Traefik before 2.10.5 and 3.0.0-beta4 is affected by a denial-of-service vulnerability in HTTP/2 request handling inherited from the Go standard library's HTTP/2 implementation (CVE-2023-44487 / CVE-2023-39325, the 'Rapid Reset' technique). A remote attacker can rapidly create and cancel HTTP/2 streams to exhaust server resources and cause service unavailability.

Action-Not Available
Vendor-traefikTraefikRed Hat, Inc.Go
Product-traefikopenshift_aigoTraefikRed Hat OpenShift AI (RHOAI)Red Hat OpenShift Dev Spaces
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2023-5871
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.92% / 56.35%
||
7 Day CHG~0.00%
Published-27 Nov, 2023 | 11:58
Updated-20 Nov, 2025 | 18:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Libnbd: malicious nbd server may crash libnbd

A flaw was found in libnbd, due to a malicious Network Block Device (NBD), a protocol for accessing Block Devices such as hard disks over a Network. This issue may allow a malicious NBD server to cause a Denial of Service.

Action-Not Available
Vendor-Red Hat, Inc.
Product-enterprise_linuxlibnbdRed Hat Enterprise Linux 9Red Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat Enterprise Linux 8
CWE ID-CWE-617
Reachable Assertion
CVE-2025-49795
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.47% / 38.02%
||
7 Day CHG~0.00%
Published-16 Jun, 2025 | 15:19
Updated-07 Jul, 2026 | 13:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Libxml: null pointer dereference leads to denial of service (dos)

A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service.

Action-Not Available
Vendor-The GNOME ProjectRed Hat, Inc.Siemens AG
Product-Red Hat Enterprise Linux 9Red Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat JBoss Core Services 2.4.62.SP2Red Hat Enterprise Linux 8Red Hat Enterprise Linux 10libxml2Red Hat Hardened ImagesRUGGEDCOM RST2428P
CWE ID-CWE-825
Expired Pointer Dereference
CVE-2019-3883
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-8.43% / 94.38%
||
7 Day CHG~0.00%
Published-17 Apr, 2019 | 00:00
Updated-04 Aug, 2024 | 19:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In 389-ds-base up to version 1.4.1.2, requests are handled by workers threads. Each sockets will be waited by the worker for at most 'ioblocktimeout' seconds. However this timeout applies only for un-encrypted requests. Connections using SSL/TLS are not taking this timeout into account during reads, and may hang longer.An unauthenticated attacker could repeatedly create hanging LDAP requests to hang all the workers, resulting in a Denial of Service.

Action-Not Available
Vendor-Debian GNU/LinuxRed Hat, Inc.Fedora Project
Product-debian_linux389_directory_serverenterprise_linux389-ds-base
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2025-4948
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.66% / 47.29%
||
7 Day CHG~0.00%
Published-19 May, 2025 | 15:55
Updated-30 Jun, 2026 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Libsoup: integer underflow in soup_multipart_new_from_message() leading to denial of service in libsoup

A flaw was found in the soup_multipart_new_from_message() function of the libsoup HTTP library, which is commonly used by GNOME and other applications to handle web communications. The issue occurs when the library processes specially crafted multipart messages. Due to improper validation, an internal calculation can go wrong, leading to an integer underflow. This can cause the program to access invalid memory and crash. As a result, any application or server using libsoup could be forced to exit unexpectedly, creating a denial-of-service (DoS) risk.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat Enterprise Linux 7 Extended Lifecycle SupportRed Hat Enterprise Linux 9.4 Extended Update SupportRed Hat Enterprise Linux 9Red Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat Enterprise Linux 10Red Hat Enterprise Linux 8Red Hat Enterprise Linux 8.8 Extended Update SupportRed Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.6 Update Services for SAP SolutionsRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 9.2 Extended Update SupportRed Hat Enterprise Linux 6
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2023-24537
Matching Score-8
Assigner-Go Project
ShareView Details
Matching Score-8
Assigner-Go Project
CVSS Score-7.5||HIGH
EPSS-1.41% / 69.70%
||
7 Day CHG~0.00%
Published-06 Apr, 2023 | 15:50
Updated-13 Feb, 2025 | 16:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Infinite loop in parsing in go/scanner

Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow.

Action-Not Available
Vendor-Go standard libraryGo
Product-gogo/scanner
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2025-48431
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-1.08% / 61.33%
||
7 Day CHG~0.00%
Published-28 Apr, 2026 | 09:11
Updated-15 Jul, 2026 | 02:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Thrift: Specially crafted input can crash a c_glib Thrift server with invalid pointer error.

Mismatched Memory Management Routines vulnerability in Apache Thrift c_glib language bindings. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue. Description: Specially crafted requests can crash an c_glib-based Thrift server with a clean but fatal "free(): invalid pointer" error message.

Action-Not Available
Vendor-Red Hat, Inc.The Apache Software Foundation
Product-thriftApache ThriftOpenShift Service Mesh 2Cryostat 4 on RHEL 9Red Hat OpenStack Platform 18.0Red Hat Advanced Cluster Management for Kubernetes 2.15Red Hat Advanced Cluster Management for Kubernetes 2.16Red Hat AI Inference ServerRed Hat Ceph Storage 5Red Hat Advanced Cluster Management for Kubernetes 2Red Hat Advanced Cluster Management for Kubernetes 2.14Multicluster Global HubRed Hat OpenShift distributed tracing 3.10.1Red Hat OpenShift distributed tracing 3Red Hat Enterprise Linux 8Red Hat Ceph Storage 9Red Hat Ceph Storage 8Red Hat Ceph Storage 6Red Hat OpenShift AI (RHOAI)Red Hat OpenShift Container Platform 4
CWE ID-CWE-762
Mismatched Memory Management Routines
CWE ID-CWE-763
Release of Invalid Pointer or Reference
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 28
  • 29
  • Next
Details not found