cve-2025-22868
Vulnerability from cvelistv5
Published
2025-02-26 03:07
Modified
2025-02-26 14:46
Summary
Unexpected memory consumption during token parsing in golang.org/x/oauth2
References
Impacted products
| Vendor | Product |
|---|---|
| golang.org/x/oauth2 | golang.org/x/oauth2/jws |
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2025-22868", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-02-26T14:45:27.246610Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1286", "description": "CWE-1286 Improper Validation of Syntactic Correctness of Input", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-02-26T14:46:20.671Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "golang.org/x/oauth2/jws", "product": "golang.org/x/oauth2/jws", "programRoutines": [ { "name": "Verify" } ], "vendor": "golang.org/x/oauth2", "versions": [ { "lessThan": "0.27.0", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "jub0bs" } ], "descriptions": [ { "lang": "en", "value": "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing." 
} ], "problemTypes": [ { "descriptions": [ { "description": "CWE-1286: Improper Validation of Syntactic Correctness of Input", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2025-02-26T03:07:49.012Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/cl/652155" }, { "url": "https://go.dev/issue/71490" }, { "url": "https://pkg.go.dev/vuln/GO-2025-3488" } ], "title": "Unexpected memory consumption during token parsing in golang.org/x/oauth2" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2025-22868", "datePublished": "2025-02-26T03:07:49.012Z", "dateReserved": "2025-01-08T19:11:42.834Z", "dateUpdated": "2025-02-26T14:46:20.671Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2025-22868\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2025-02-26T08:14:24.897\",\"lastModified\":\"2025-02-26T15:15:24.993\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during 
parsing.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1286\"}]}],\"references\":[{\"url\":\"https://go.dev/cl/652155\",\"source\":\"security@golang.org\"},{\"url\":\"https://go.dev/issue/71490\",\"source\":\"security@golang.org\"},{\"url\":\"https://pkg.go.dev/vuln/GO-2025-3488\",\"source\":\"security@golang.org\"}]}}" } }
ghsa-3wqc-mwfx-672p
Vulnerability from github
Published
2025-04-18 19:32
Modified
2025-04-18 19:32
Summary
Traefik affected by Go oauth2/jws Improper Validation of Syntactic Correctness of Input vulnerability
Details
Summary
We have encountered a security vulnerability being reported by our scanners for Traefik 2.11.22.
- https://security.snyk.io/vuln/SNYK-CHAINGUARDLATEST-TRAEFIK33-9403297
Details
It seems to target oauth2/jws library.
PoC
No steps to replicate this vulnerability
Impact
We have a strict control on security and we always try to stay up-to-date with the fixes received for third-party solutions.
Patches
- https://github.com/traefik/traefik/releases/tag/v2.11.24
- https://github.com/traefik/traefik/releases/tag/v3.3.6
- https://github.com/traefik/traefik/releases/tag/v3.4.0-rc2
{ "affected": [ { "package": { "ecosystem": "Go", "name": "github.com/traefik/traefik/v3" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "3.3.6" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Go", "name": "github.com/traefik/traefik/v2" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2.11.24" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Go", "name": "github.com/traefik/traefik/v3" }, "ranges": [ { "events": [ { "introduced": "3.4.0-rc1" }, { "fixed": "3.4.0-rc2" } ], "type": "ECOSYSTEM" } ], "versions": [ "3.4.0-rc1" ] } ], "aliases": [ "CVE-2025-22868" ], "database_specific": { "cwe_ids": [ "CWE-1286" ], "github_reviewed": true, "github_reviewed_at": "2025-04-18T19:32:23Z", "nvd_published_at": null, "severity": "HIGH" }, "details": "### Summary\nWe have encountered a security vulnerability being reported by our scanners for Traefik 2.11.22.\n- https://security.snyk.io/vuln/SNYK-CHAINGUARDLATEST-TRAEFIK33-9403297\n\n### Details\nIt seems to target oauth2/jws library.\n\n### PoC\nNo steps to replicate this vulnerability\n\n### Impact\nWe have a strict control on security and we always try to stay up-to-date with the fixes received for third-party solutions.\n\n## Patches\n\n- https://github.com/traefik/traefik/releases/tag/v2.11.24\n- https://github.com/traefik/traefik/releases/tag/v3.3.6\n- https://github.com/traefik/traefik/releases/tag/v3.4.0-rc2", "id": "GHSA-3wqc-mwfx-672p", "modified": "2025-04-18T19:32:24Z", "published": "2025-04-18T19:32:23Z", "references": [ { "type": "WEB", "url": "https://github.com/traefik/traefik/security/advisories/GHSA-3wqc-mwfx-672p" }, { "type": "PACKAGE", "url": "https://github.com/traefik/traefik" }, { "type": "WEB", "url": "https://github.com/traefik/traefik/releases/tag/v2.11.24" }, { "type": "WEB", "url": "https://github.com/traefik/traefik/releases/tag/v3.3.6" }, { "type": "WEB", "url": "https://github.com/traefik/traefik/releases/tag/v3.4.0-rc2" }, { "type": "WEB", 
"url": "https://security.snyk.io/vuln/SNYK-CHAINGUARDLATEST-TRAEFIK33-9403297" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "type": "CVSS_V3" } ], "summary": "Traefik affected by Go oauth2/jws Improper Validation of Syntactic Correctness of Input vulnerability" }
rhsa-2025_2526
Vulnerability from csaf_redhat
Published
2025-03-10 15:51
Modified
2025-03-27 16:22
Summary
Red Hat Security Advisory: ACS 4.5 enhancement update
Notes
Topic
Updated images are now available for Red Hat Advanced Cluster Security (RHACS).
Details
This release of RHACS 4.5 provides these changes:
- Fix rhacs-main-container: Unexpected memory consumption during token parsing in golang.org/x/oauth2 (CVE-2025-22868)
- ROX-27347: Fix vulnerability report job getting stuck in waiting state after central restart.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
"advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le", "product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.5.7-2" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le", "product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.5.7-2" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le", "product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le", "product_identification_helper": { "purl": 
"pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.5.7-2" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le", "product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.5.7-2" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le", "product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.5.7-2" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le", "product": { "name": 
"advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le", "product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.5.7-2" } } } ], "category": "architecture", "name": "ppc64le" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x" }, "product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64 as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64" }, "product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": 
"advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64 as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64" }, "product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x" }, "product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le as a component of RHACS 4.5 for RHEL 8", "product_id": 
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x" }, "product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64 as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64" }, 
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64 as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64" }, "product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x" }, "product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": 
"default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64 as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64" }, "product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x" }, "product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64 as a 
component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64" }, "product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x" }, "product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x" }, 
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64 as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64" }, "product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.5" }, 
{ "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x" }, "product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64 as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64" }, "product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64 as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64" }, "product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": 
"advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x" }, "product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x" }, "product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64 as a component of RHACS 4.5 for 
RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64" }, "product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x" }, "product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le" }, 
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64 as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64" }, "product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64 as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64" }, "product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le", 
"relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x" }, "product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x" }, "product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": 
"advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64 as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64" }, "product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64", "relates_to_product_reference": "8Base-RHACS-4.5" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "jub0bs" ] } ], "cve": "CVE-2025-22868", "cwe": { "id": "CWE-1286", "name": "Improper Validation of Syntactic Correctness of Input" }, "discovery_date": "2025-02-26T04:00:44.350024+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2348366" } ], "notes": [ { "category": "description", "text": "A flaw was found in golang.org/x/oauth2/jws package in the token parsing component. This vulnerability allows an attacker to cause excessive memory consumption via a malicious malformed token.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64", 
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le", 
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x", 
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2025-22868" }, { "category": "external", "summary": "RHBZ#2348366", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868", "url": 
"https://www.cve.org/CVERecord?id=CVE-2025-22868" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868" }, { "category": "external", "summary": "https://go.dev/cl/652155", "url": "https://go.dev/cl/652155" }, { "category": "external", "summary": "https://go.dev/issue/71490", "url": "https://go.dev/issue/71490" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2025-3488", "url": "https://pkg.go.dev/vuln/GO-2025-3488" } ], "release_date": "2025-02-26T03:07:49.012000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-03-10T15:51:20+00:00", "details": "If you are using an earlier version of RHACS 4.5, you are advised to upgrade to patch release 4.5.7.", "product_ids": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le", 
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64", 
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64", 
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:2526" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x", 
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x", 
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x", 
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64", 
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le", 
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x", 
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws" } ] }
rhsa-2025_3172
Vulnerability from csaf_redhat
Published
2025-03-25 19:58
Modified
2025-03-27 16:22
Summary
Red Hat Security Advisory: VolSync 0.12.1 security fixes and enhancements for RHEL 9
Notes
Topic
VolSync v0.12 general availability release images, which provide
enhancements, security fixes, and updated container images.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE links in the References section.
Details
VolSync v0.12.1 is a Kubernetes operator that enables asynchronous
replication of persistent volumes within a cluster, or across clusters. After
deploying the VolSync operator, it can create and maintain copies of your
persistent data.
For more information about VolSync, see:
https://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/business_continuity/business-cont-overview#volsync
or the VolSync open source community website at:
https://volsync.readthedocs.io/en/stable/
This advisory contains enhancements and updates to the VolSync
container images.
Security fix(es):
* golang.org/x/oauth2: Unexpected memory consumption during token parsing in
golang.org/x/oauth2 (CVE-2025-22868)
* golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of
golang.org/x/crypto/ssh (CVE-2025-22869)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "VolSync v0.12 general availability release images, which provide\nenhancements, security fixes, and updated container images.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "VolSync v0.12.1 is a Kubernetes operator that enables asynchronous\nreplication of persistent volumes within a cluster, or across clusters. After\ndeploying the VolSync operator, it can create and maintain copies of your\npersistent data.\n\nFor more information about VolSync, see:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/business_continuity/business-cont-overview#volsync\n\nor the VolSync open source community website at:\nhttps://volsync.readthedocs.io/en/stable/\n\nThis advisory contains enhancements and updates to the VolSync\ncontainer images.\n\nSecurity fix(es):\n\n* golang.org/x/oauth2: Unexpected memory consumption during token parsing in\ngolang.org/x/oauth2 (CVE-2025-22868)\n* golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of\ngolang.org/x/crypto/ssh (CVE-2025-22869)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). 
If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2025:3172", "url": "https://access.redhat.com/errata/RHSA-2025:3172" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2348366", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366" }, { "category": "external", "summary": "2348367", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367" }, { "category": "external", "summary": "ACM-19030", "url": "https://issues.redhat.com/browse/ACM-19030" }, { "category": "external", "summary": "HYPBLD-617", "url": "https://issues.redhat.com/browse/HYPBLD-617" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3172.json" } ], "title": "Red Hat Security Advisory: VolSync 0.12.1 security fixes and enhancements for RHEL 9", "tracking": { "current_release_date": "2025-03-27T16:22:52+00:00", "generator": { "date": "2025-03-27T16:22:52+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.4.2" } }, "id": "RHSA-2025:3172", "initial_release_date": "2025-03-25T19:58:29+00:00", "revision_history": [ { "date": "2025-03-25T19:58:29+00:00", "number": "1", "summary": "Initial version" }, { "date": "2025-03-25T19:58:29+00:00", "number": "2", "summary": "Last updated version" }, { "date": 
"2025-03-27T16:22:52+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9", "product": { "name": "Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9", "product_id": "9Base-RHACM-2.13", "product_identification_helper": { "cpe": "cpe:/a:redhat:acm:2.13::el9" } } } ], "category": "product_family", "name": "Red Hat ACM" }, { "branches": [ { "category": "product_version", "name": "rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64", "product": { "name": "rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64", "product_id": "rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64", "product_identification_helper": { "purl": "pkg:oci/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/volsync-rhel9\u0026tag=v0.12.1-2" } } }, { "category": "product_version", "name": "rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64", "product": { "name": "rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64", "product_id": "rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64", "product_identification_helper": { "purl": "pkg:oci/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/volsync-operator-bundle\u0026tag=v0.12.1-2" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": 
"rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64", "product": { "name": "rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64", "product_id": "rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64", "product_identification_helper": { "purl": "pkg:oci/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/volsync-rhel9\u0026tag=v0.12.1-2" } } } ], "category": "architecture", "name": "arm64" }, { "branches": [ { "category": "product_version", "name": "rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le", "product": { "name": "rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le", "product_id": "rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le", "product_identification_helper": { "purl": "pkg:oci/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/volsync-rhel9\u0026tag=v0.12.1-2" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x", "product": { "name": "rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x", "product_id": "rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x", "product_identification_helper": { "purl": "pkg:oci/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/volsync-rhel9\u0026tag=v0.12.1-2" } } } ], "category": "architecture", "name": "s390x" 
} ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9", "product_id": "9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64" }, "product_reference": "rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64", "relates_to_product_reference": "9Base-RHACM-2.13" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9", "product_id": "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64" }, "product_reference": "rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64", "relates_to_product_reference": "9Base-RHACM-2.13" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9", "product_id": "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x" }, "product_reference": "rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x", "relates_to_product_reference": "9Base-RHACM-2.13" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le as a component of Red Hat 
Advanced Cluster Management for Kubernetes 2.13 for RHEL 9", "product_id": "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le" }, "product_reference": "rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le", "relates_to_product_reference": "9Base-RHACM-2.13" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9", "product_id": "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64" }, "product_reference": "rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64", "relates_to_product_reference": "9Base-RHACM-2.13" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "jub0bs" ] } ], "cve": "CVE-2025-22868", "cwe": { "id": "CWE-1286", "name": "Improper Validation of Syntactic Correctness of Input" }, "discovery_date": "2025-02-26T04:00:44.350024+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2348366" } ], "notes": [ { "category": "description", "text": "A flaw was found in golang.org/x/oauth2/jws package in the token parsing component. 
This vulnerability allows an attacker to cause excessive memory consumption via a malicious malformed token.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2025-22868" }, { "category": "external", "summary": "RHBZ#2348366", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22868" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868" }, { "category": "external", "summary": "https://go.dev/cl/652155", "url": "https://go.dev/cl/652155" }, { "category": "external", "summary": "https://go.dev/issue/71490", "url": "https://go.dev/issue/71490" }, 
{ "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2025-3488", "url": "https://pkg.go.dev/vuln/GO-2025-3488" } ], "release_date": "2025-02-26T03:07:49.012000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-03-25T19:58:29+00:00", "details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes\ndocumentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/business_continuity/business-cont-overview#volsync", "product_ids": [ "9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:3172" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x", 
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws" }, { "cve": "CVE-2025-22869", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2025-02-26T04:00:47.683125+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2348367" } ], "notes": [ { "category": "description", "text": "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. 
This can occur during key exchange when the other party is slow to respond during key exchange.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh", "title": "Vulnerability summary" }, { "category": "other", "text": "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2025-22869" }, { "category": "external", "summary": "RHBZ#2348367", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2025-22869", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22869" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869", "url": 
"https://nvd.nist.gov/vuln/detail/CVE-2025-22869" }, { "category": "external", "summary": "https://go.dev/cl/652135", "url": "https://go.dev/cl/652135" }, { "category": "external", "summary": "https://go.dev/issue/71931", "url": "https://go.dev/issue/71931" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2025-3487", "url": "https://pkg.go.dev/vuln/GO-2025-3487" } ], "release_date": "2025-02-26T03:07:48.855000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-03-25T19:58:29+00:00", "details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes\ndocumentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/business_continuity/business-cont-overview#volsync", "product_ids": [ "9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:3172" }, { "category": "workaround", "details": "This flaw can be mitigated when using the client only connecting to trusted servers.", "product_ids": [ "9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64", 
"9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh" } ] }
rhsa-2025_3053
Vulnerability from csaf_redhat
Published
2025-03-20 04:55
Modified
2025-03-27 16:22
Summary
Red Hat Security Advisory: Gatekeeper v3.15.4
Notes
Topic
Gatekeeper v3.15.4
Details
Gatekeeper v3.15.4
Gatekeeper is a validating webhook with auditing capabilities that can
enforce custom resource definition-based policies that are run with the
Open Policy Agent (OPA). Gatekeeper is supported through a Red Hat Advanced
Cluster Management for Kubernetes subscription.
Starting in v3.15, the following namespaces are exempt from admission control:
- kube-*
- multicluster-engine
- hypershift
- hive
- rhacs-operator
- open-cluster-*
- openshift-*
To disable the default exempt namespaces, set the namespaces you want on the
object.
Security fix(es):
* golang.org/x/oauth2: Unexpected memory consumption during token parsing in golang.org/x/oauth2 (CVE-2025-22868)
* golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (CVE-2025-22869)
Additional Release Notes:
* v3.15.0 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.15.0
* v3.15.1 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.15.1
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Gatekeeper v3.15.4", "title": "Topic" }, { "category": "general", "text": "Gatekeeper v3.15.4\n\nGatekeeper is a validating webhook with auditing capabilities that can\nenforce custom resource definition-based policies that are run with the\nOpen Policy Agent (OPA). Gatekeeper is supported through a Red Hat Advanced\nCluster Management for Kubernetes subscription.\n\nStarting in v3.15, the following namespaces are exempt from admission control:\n\n- kube-*\n- multicluster-engine\n- hypershift\n- hive\n- rhacs-operator\n- open-cluster-*\n- openshift-*\n\nTo disable the default exempt namespaces, set the namespaces you want on the\nobject.\n\nSecurity fix(es):\n\n* golang.org/x/oauth2: Unexpected memory consumption during token parsing in golang.org/x/oauth2 (CVE-2025-22868)\n* golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (CVE-2025-22869)\n\nAdditional Release Notes:\n\n* v3.15.0 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.15.0\n* v3.15.1 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.15.1", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2025:3053", "url": "https://access.redhat.com/errata/RHSA-2025:3053" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.15.0", "url": "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.15.0" }, { "category": "external", "summary": "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.15.1", "url": "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.15.1" }, { "category": "external", "summary": "2348366", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366" }, { "category": "external", "summary": "2348367", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367" }, { "category": "external", "summary": "ACM-18305", "url": "https://issues.redhat.com/browse/ACM-18305" }, { "category": "external", "summary": "ACM-18536", "url": "https://issues.redhat.com/browse/ACM-18536" }, { "category": "external", "summary": "HYPBLD-606", "url": "https://issues.redhat.com/browse/HYPBLD-606" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3053.json" } ], "title": "Red Hat Security Advisory: Gatekeeper v3.15.4", "tracking": { "current_release_date": "2025-03-27T16:22:46+00:00", "generator": { "date": "2025-03-27T16:22:46+00:00", "engine": { 
"name": "Red Hat SDEngine", "version": "4.4.2" } }, "id": "RHSA-2025:3053", "initial_release_date": "2025-03-20T04:55:47+00:00", "revision_history": [ { "date": "2025-03-20T04:55:47+00:00", "number": "1", "summary": "Initial version" }, { "date": "2025-03-20T04:55:47+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2025-03-27T16:22:46+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "gatekeeper 3.15 for RHEL 9", "product": { "name": "gatekeeper 3.15 for RHEL 9", "product_id": "9Base-gatekeeper-3.15", "product_identification_helper": { "cpe": "cpe:/a:redhat:gatekeeper:3.15::el9" } } } ], "category": "product_family", "name": "gatekeeper" }, { "branches": [ { "category": "product_version", "name": "gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x", "product": { "name": "gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x", "product_id": "gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x", "product_identification_helper": { "purl": "pkg:oci/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf?arch=s390x\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9\u0026tag=v3.15.1-30" } } }, { "category": "product_version", "name": "gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x", "product": { "name": "gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x", "product_id": "gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x", "product_identification_helper": { "purl": 
"pkg:oci/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460?arch=s390x\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9-operator\u0026tag=v3.15.4-1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64", "product": { "name": "gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64", "product_id": "gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64", "product_identification_helper": { "purl": "pkg:oci/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63?arch=amd64\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9\u0026tag=v3.15.1-30" } } }, { "category": "product_version", "name": "gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64", "product": { "name": "gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64", "product_id": "gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64", "product_identification_helper": { "purl": "pkg:oci/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85?arch=amd64\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-operator-bundle\u0026tag=v3.15.4-1" } } }, { "category": "product_version", "name": "gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64", "product": { "name": "gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64", "product_id": 
"gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64", "product_identification_helper": { "purl": "pkg:oci/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d?arch=amd64\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9-operator\u0026tag=v3.15.4-1" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le", "product": { "name": "gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le", "product_id": "gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c?arch=ppc64le\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9\u0026tag=v3.15.1-30" } } }, { "category": "product_version", "name": "gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le", "product": { "name": "gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le", "product_id": "gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le", "product_identification_helper": { "purl": "pkg:oci/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635?arch=ppc64le\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9-operator\u0026tag=v3.15.4-1" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": 
"gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64", "product": { "name": "gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64", "product_id": "gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64", "product_identification_helper": { "purl": "pkg:oci/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94?arch=arm64\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9\u0026tag=v3.15.1-30" } } }, { "category": "product_version", "name": "gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64", "product": { "name": "gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64", "product_id": "gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64", "product_identification_helper": { "purl": "pkg:oci/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347?arch=arm64\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9-operator\u0026tag=v3.15.4-1" } } } ], "category": "architecture", "name": "arm64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64 as a component of gatekeeper 3.15 for RHEL 9", "product_id": "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64" }, "product_reference": "gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64", "relates_to_product_reference": 
"9Base-gatekeeper-3.15" }, { "category": "default_component_of", "full_product_name": { "name": "gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x as a component of gatekeeper 3.15 for RHEL 9", "product_id": "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x" }, "product_reference": "gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x", "relates_to_product_reference": "9Base-gatekeeper-3.15" }, { "category": "default_component_of", "full_product_name": { "name": "gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64 as a component of gatekeeper 3.15 for RHEL 9", "product_id": "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64" }, "product_reference": "gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64", "relates_to_product_reference": "9Base-gatekeeper-3.15" }, { "category": "default_component_of", "full_product_name": { "name": "gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64 as a component of gatekeeper 3.15 for RHEL 9", "product_id": "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64" }, "product_reference": "gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64", "relates_to_product_reference": "9Base-gatekeeper-3.15" }, { "category": "default_component_of", "full_product_name": { "name": "gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le as a component of 
gatekeeper 3.15 for RHEL 9", "product_id": "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le" }, "product_reference": "gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le", "relates_to_product_reference": "9Base-gatekeeper-3.15" }, { "category": "default_component_of", "full_product_name": { "name": "gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64 as a component of gatekeeper 3.15 for RHEL 9", "product_id": "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64" }, "product_reference": "gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64", "relates_to_product_reference": "9Base-gatekeeper-3.15" }, { "category": "default_component_of", "full_product_name": { "name": "gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64 as a component of gatekeeper 3.15 for RHEL 9", "product_id": "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64" }, "product_reference": "gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64", "relates_to_product_reference": "9Base-gatekeeper-3.15" }, { "category": "default_component_of", "full_product_name": { "name": "gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x as a component of gatekeeper 3.15 for RHEL 9", "product_id": "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x" }, "product_reference": 
"gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x", "relates_to_product_reference": "9Base-gatekeeper-3.15" }, { "category": "default_component_of", "full_product_name": { "name": "gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le as a component of gatekeeper 3.15 for RHEL 9", "product_id": "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le" }, "product_reference": "gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le", "relates_to_product_reference": "9Base-gatekeeper-3.15" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "jub0bs" ] } ], "cve": "CVE-2025-22868", "cwe": { "id": "CWE-1286", "name": "Improper Validation of Syntactic Correctness of Input" }, "discovery_date": "2025-02-26T04:00:44.350024+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2348366" } ], "notes": [ { "category": "description", "text": "A flaw was found in golang.org/x/oauth2/jws package in the token parsing component. 
This vulnerability allows an attacker to cause excessive memory consumption via a malicious malformed token.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2025-22868" 
}, { "category": "external", "summary": "RHBZ#2348366", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22868" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868" }, { "category": "external", "summary": "https://go.dev/cl/652155", "url": "https://go.dev/cl/652155" }, { "category": "external", "summary": "https://go.dev/issue/71490", "url": "https://go.dev/issue/71490" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2025-3488", "url": "https://pkg.go.dev/vuln/GO-2025-3488" } ], "release_date": "2025-02-26T03:07:49.012000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-03-20T04:55:47+00:00", "details": "For more information, see the following resources:\n\n* See the Gatekeeper\ndocumentation: https://open-policy-agent.github.io/gatekeeper/website/docs/.\n\n* For support and troubleshooting, Gatekeeper is supported through a Red Hat Advanced Cluster Management for\nKubernetes subscription:\nhttps://access.redhat.com/products/red-hat-advanced-cluster-management-for-kubernetes.\n\n* The Open Policy Agent Gatekeeper community collaborates on Slack. 
Join the \n#opa-gatekeeper channel: https://openpolicyagent.slack.com/archives/CDTN970AX.\n\n* Open issues on the Gatekeeper GitHub repository: https://github.com/open-policy-agent/gatekeeper/issues.\n\n* See the installation and upgrade documentation: https://open-policy-agent.github.io/gatekeeper/website/docs/install.", "product_ids": [ "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:3053" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ 
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x", 
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws" }, { "cve": "CVE-2025-22869", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2025-02-26T04:00:47.683125+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2348367" } ], "notes": [ { "category": "description", "text": "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. 
This can occur during key exchange when the other party is slow to respond during key exchange.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh", "title": "Vulnerability summary" }, { "category": "other", "text": "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x", 
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2025-22869" }, { "category": "external", "summary": "RHBZ#2348367", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2025-22869", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22869" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869" }, { "category": "external", "summary": "https://go.dev/cl/652135", "url": "https://go.dev/cl/652135" }, { "category": "external", "summary": "https://go.dev/issue/71931", "url": "https://go.dev/issue/71931" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2025-3487", "url": "https://pkg.go.dev/vuln/GO-2025-3487" } ], "release_date": "2025-02-26T03:07:48.855000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-03-20T04:55:47+00:00", "details": "For more information, see the following resources:\n\n* See the Gatekeeper\ndocumentation: https://open-policy-agent.github.io/gatekeeper/website/docs/.\n\n* For support and troubleshooting, Gatekeeper is supported through a Red Hat Advanced Cluster Management for\nKubernetes subscription:\nhttps://access.redhat.com/products/red-hat-advanced-cluster-management-for-kubernetes.\n\n* The Open Policy Agent Gatekeeper community collaborates on Slack. 
Join the \n#opa-gatekeeper channel: https://openpolicyagent.slack.com/archives/CDTN970AX.\n\n* Open issues on the Gatekeeper GitHub repository: https://github.com/open-policy-agent/gatekeeper/issues.\n\n* See the installation and upgrade documentation: https://open-policy-agent.github.io/gatekeeper/website/docs/install.", "product_ids": [ "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:3053" }, { "category": "workaround", "details": "This flaw can be mitigated when using the client only connecting to trusted servers.", "product_ids": [ "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64", 
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64", 
"9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh" } ] }
rhsa-2025_3051
Vulnerability from csaf_redhat
Published
2025-03-20 04:38
Modified
2025-03-27 16:22
Summary
Red Hat Security Advisory: Gatekeeper v3.17.2
Notes
Topic
Gatekeeper v3.17.2
Details
Gatekeeper v3.17.2
Gatekeeper is a validating webhook with auditing capabilities that can
enforce custom resource definition-based policies that are run with the
Open Policy Agent (OPA). Gatekeeper is supported through a Red Hat Advanced
Cluster Management for Kubernetes subscription.
Starting in v3.17, users can specify a `containerArguments` list of names
and values for both the audit and webhook configurations to be passed to
the respective deployment. These will be ignored if the argument has
already been set by the operator or specifies an argument listed in the
deny list.
Starting in v3.15, the following namespaces are exempt from admission
control:
* kube-*
* multicluster-engine
* hypershift
* hive
* rhacs-operator
* open-cluster-*
* openshift-*
To disable the default exempt namespaces, set the namespaces you want on
the object.
Security fix(es):
* golang.org/x/oauth2: Unexpected memory consumption during token parsing in
golang.org/x/oauth2 (CVE-2025-22868)
* golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of
golang.org/x/crypto/ssh (CVE-2025-22869)
Additional Release Notes:
* v3.17.0 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.0
* v3.17.1 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.1
* v3.17.2 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.2
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Gatekeeper v3.17.2", "title": "Topic" }, { "category": "general", "text": "Gatekeeper v3.17.2\n\nGatekeeper is a validating webhook with auditing capabilities that can\nenforce custom resource definition-based policies that are run with the\nOpen Policy Agent (OPA). Gatekeeper is supported through a Red Hat Advanced\nCluster Management for Kubernetes subscription.\n\nStarting in v3.17, users can specify a `containerArguments` list of names\nand values for both the audit and webhook configurations to be passed to\nthe respective deployment. These will be ignored if the argument has\nalready been set by the operator or specifies an argument listed in the\ndeny list.\n\nStarting in v3.15, the following namespaces are exempt from admission\ncontrol:\n\n* kube-*\n* multicluster-engine\n* hypershift\n* hive\n* rhacs-operator\n* open-cluster-*\n* openshift-*\n\nTo disable the default exempt namespaces, set the namespaces you want on\nthe object.\n\nSecurity fix(es):\n\n* golang.org/x/oauth2: Unexpected memory consumption during token parsing in\ngolang.org/x/oauth2 (CVE-2025-22868)\n* golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of\ngolang.org/x/crypto/ssh (CVE-2025-22869)\n\nAdditional Release Notes:\n\n* v3.17.0 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.0\n* v3.17.1 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.1\n* v3.17.2 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.2", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons 
Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2025:3051", "url": "https://access.redhat.com/errata/RHSA-2025:3051" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.0", "url": "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.0" }, { "category": "external", "summary": "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.1", "url": "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.1" }, { "category": "external", "summary": "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.2", "url": "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.2" }, { "category": "external", "summary": "2348366", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366" }, { "category": "external", "summary": "2348367", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367" }, { "category": "external", "summary": "ACM-18302", "url": "https://issues.redhat.com/browse/ACM-18302" }, { "category": "external", "summary": "ACM-18535", "url": "https://issues.redhat.com/browse/ACM-18535" }, { "category": "external", "summary": "HYPBLD-605", "url": 
"https://issues.redhat.com/browse/HYPBLD-605" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3051.json" } ], "title": "Red Hat Security Advisory: Gatekeeper v3.17.2", "tracking": { "current_release_date": "2025-03-27T16:22:40+00:00", "generator": { "date": "2025-03-27T16:22:40+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.4.2" } }, "id": "RHSA-2025:3051", "initial_release_date": "2025-03-20T04:38:00+00:00", "revision_history": [ { "date": "2025-03-20T04:38:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2025-03-20T04:38:00+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2025-03-27T16:22:40+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "gatekeeper 3.17 for RHEL 9", "product": { "name": "gatekeeper 3.17 for RHEL 9", "product_id": "9Base-gatekeeper-3.17", "product_identification_helper": { "cpe": "cpe:/a:redhat:gatekeeper:3.17::el9" } } } ], "category": "product_family", "name": "gatekeeper" }, { "branches": [ { "category": "product_version", "name": "gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x", "product": { "name": "gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x", "product_id": "gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x", "product_identification_helper": { "purl": "pkg:oci/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e?arch=s390x\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9\u0026tag=v3.17.2-5" } } }, { "category": "product_version", "name": 
"gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x", "product": { "name": "gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x", "product_id": "gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x", "product_identification_helper": { "purl": "pkg:oci/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8?arch=s390x\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9-operator\u0026tag=v3.17.2-4" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64", "product": { "name": "gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64", "product_id": "gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64", "product_identification_helper": { "purl": "pkg:oci/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99?arch=arm64\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9\u0026tag=v3.17.2-5" } } }, { "category": "product_version", "name": "gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64", "product": { "name": "gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64", "product_id": "gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64", "product_identification_helper": { "purl": 
"pkg:oci/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32?arch=arm64\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9-operator\u0026tag=v3.17.2-4" } } } ], "category": "architecture", "name": "arm64" }, { "branches": [ { "category": "product_version", "name": "gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le", "product": { "name": "gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le", "product_id": "gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le", "product_identification_helper": { "purl": "pkg:oci/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca?arch=ppc64le\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9\u0026tag=v3.17.2-5" } } }, { "category": "product_version", "name": "gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le", "product": { "name": "gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le", "product_id": "gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d?arch=ppc64le\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9-operator\u0026tag=v3.17.2-4" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64", "product": { "name": "gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64", 
"product_id": "gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64", "product_identification_helper": { "purl": "pkg:oci/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e?arch=amd64\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9\u0026tag=v3.17.2-5" } } }, { "category": "product_version", "name": "gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64", "product": { "name": "gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64", "product_id": "gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64", "product_identification_helper": { "purl": "pkg:oci/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb?arch=amd64\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-operator-bundle\u0026tag=v3.17.2-2" } } }, { "category": "product_version", "name": "gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64", "product": { "name": "gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64", "product_id": "gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64", "product_identification_helper": { "purl": "pkg:oci/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95?arch=amd64\u0026repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9-operator\u0026tag=v3.17.2-4" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": 
"gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64 as a component of gatekeeper 3.17 for RHEL 9", "product_id": "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64" }, "product_reference": "gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64", "relates_to_product_reference": "9Base-gatekeeper-3.17" }, { "category": "default_component_of", "full_product_name": { "name": "gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64 as a component of gatekeeper 3.17 for RHEL 9", "product_id": "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64" }, "product_reference": "gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64", "relates_to_product_reference": "9Base-gatekeeper-3.17" }, { "category": "default_component_of", "full_product_name": { "name": "gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le as a component of gatekeeper 3.17 for RHEL 9", "product_id": "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le" }, "product_reference": "gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le", "relates_to_product_reference": "9Base-gatekeeper-3.17" }, { "category": "default_component_of", "full_product_name": { "name": "gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64 as a component of gatekeeper 3.17 for RHEL 9", "product_id": 
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64" }, "product_reference": "gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64", "relates_to_product_reference": "9Base-gatekeeper-3.17" }, { "category": "default_component_of", "full_product_name": { "name": "gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x as a component of gatekeeper 3.17 for RHEL 9", "product_id": "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x" }, "product_reference": "gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x", "relates_to_product_reference": "9Base-gatekeeper-3.17" }, { "category": "default_component_of", "full_product_name": { "name": "gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64 as a component of gatekeeper 3.17 for RHEL 9", "product_id": "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64" }, "product_reference": "gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64", "relates_to_product_reference": "9Base-gatekeeper-3.17" }, { "category": "default_component_of", "full_product_name": { "name": "gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le as a component of gatekeeper 3.17 for RHEL 9", "product_id": "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le" }, "product_reference": "gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le", 
"relates_to_product_reference": "9Base-gatekeeper-3.17" }, { "category": "default_component_of", "full_product_name": { "name": "gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x as a component of gatekeeper 3.17 for RHEL 9", "product_id": "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x" }, "product_reference": "gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x", "relates_to_product_reference": "9Base-gatekeeper-3.17" }, { "category": "default_component_of", "full_product_name": { "name": "gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64 as a component of gatekeeper 3.17 for RHEL 9", "product_id": "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64" }, "product_reference": "gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64", "relates_to_product_reference": "9Base-gatekeeper-3.17" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "jub0bs" ] } ], "cve": "CVE-2025-22868", "cwe": { "id": "CWE-1286", "name": "Improper Validation of Syntactic Correctness of Input" }, "discovery_date": "2025-02-26T04:00:44.350024+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2348366" } ], "notes": [ { "category": "description", "text": "A flaw was found in golang.org/x/oauth2/jws package in the token parsing component. 
This vulnerability allows an attacker to cause excessive memory consumption via a malicious malformed token.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2025-22868" 
}, { "category": "external", "summary": "RHBZ#2348366", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22868" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868" }, { "category": "external", "summary": "https://go.dev/cl/652155", "url": "https://go.dev/cl/652155" }, { "category": "external", "summary": "https://go.dev/issue/71490", "url": "https://go.dev/issue/71490" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2025-3488", "url": "https://pkg.go.dev/vuln/GO-2025-3488" } ], "release_date": "2025-02-26T03:07:49.012000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-03-20T04:38:00+00:00", "details": "For more information, see the following resources:\n\n* See the Gatekeeper\ndocumentation: https://open-policy-agent.github.io/gatekeeper/website/docs/.\n\n* For support and troubleshooting, Gatekeeper is supported through a Red Hat Advanced Cluster Management for\nKubernetes subscription:\nhttps://access.redhat.com/products/red-hat-advanced-cluster-management-for-kubernetes.\n\n* The Open Policy Agent Gatekeeper community collaborates on Slack. 
Join the \n#opa-gatekeeper channel: https://openpolicyagent.slack.com/archives/CDTN970AX.\n\n* Open issues on the Gatekeeper GitHub repository: https://github.com/open-policy-agent/gatekeeper/issues.\n\n* See the installation and upgrade documentation: https://open-policy-agent.github.io/gatekeeper/website/docs/install.", "product_ids": [ "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:3051" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ 
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64", 
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws" }, { "cve": "CVE-2025-22869", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2025-02-26T04:00:47.683125+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2348367" } ], "notes": [ { "category": "description", "text": "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. 
This can occur during key exchange when the other party is slow to respond during key exchange.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh", "title": "Vulnerability summary" }, { "category": "other", "text": "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x", 
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2025-22869" }, { "category": "external", "summary": "RHBZ#2348367", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2025-22869", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22869" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869" }, { "category": "external", "summary": "https://go.dev/cl/652135", "url": "https://go.dev/cl/652135" }, { "category": "external", "summary": "https://go.dev/issue/71931", "url": "https://go.dev/issue/71931" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2025-3487", "url": "https://pkg.go.dev/vuln/GO-2025-3487" } ], "release_date": "2025-02-26T03:07:48.855000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-03-20T04:38:00+00:00", "details": "For more information, see the following resources:\n\n* See the Gatekeeper\ndocumentation: https://open-policy-agent.github.io/gatekeeper/website/docs/.\n\n* For support and troubleshooting, Gatekeeper is supported through a Red Hat Advanced Cluster Management for\nKubernetes subscription:\nhttps://access.redhat.com/products/red-hat-advanced-cluster-management-for-kubernetes.\n\n* The Open Policy Agent Gatekeeper community collaborates on Slack. 
Join the \n#opa-gatekeeper channel: https://openpolicyagent.slack.com/archives/CDTN970AX.\n\n* Open issues on the Gatekeeper GitHub repository: https://github.com/open-policy-agent/gatekeeper/issues.\n\n* See the installation and upgrade documentation: https://open-policy-agent.github.io/gatekeeper/website/docs/install.", "product_ids": [ "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:3051" }, { "category": "workaround", "details": "This flaw can be mitigated when using the client only connecting to trusted servers.", "product_ids": [ "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64", 
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le", 
"9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh" } ] }
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.