CVE-2026-46595 (GCVE-0-2026-46595)

Vulnerability from cvelistv5 – Published: 2026-05-22 02:31 – Updated: 2026-07-17 12:04
VLAI
Title
Invoking VerifiedPublicKeyCallback permissions skip enforcement in golang.org/x/crypto/ssh
Summary
Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-863 - Incorrect Authorization
  • CWE-303 - Incorrect Implementation of Authentication Algorithm
Assigner
Go
References
URL Tags
https://go.dev/issue/79570
https://groups.google.com/g/golang-announce/c/a08…
https://go.dev/cl/781642
https://pkg.go.dev/vuln/GO-2026-5023
https://access.redhat.com/security/cve/CVE-2026-46595 vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2480689 issue-trackingx_refsource_REDHAT
https://security.access.redhat.com/data/csaf/v2/v… x_sadp-csaf-vex
https://access.redhat.com/errata/RHSA-2026:41019 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:36796 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:36808 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:30651 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:26547 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:36207 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:26546 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:36651 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:40945 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:40118 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:33531 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:33524 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:23262 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:23264 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:37275 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:36648 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:41036 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:36820 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:37387 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:36797 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:30650 vendor-advisoryx_refsource_REDHAT
Impacted products
Vendor Product Version
golang.org/x/crypto golang.org/x/crypto/ssh Affected: 0 , < 0.52.0 (semver)
Create a notification for this product.
Red Hat RHEM 1.0 for RHEL 9 Unaffected: 0:1.0.3-1.el9em , < * (rpm)
    cpe:/a:redhat:edge_manager:1.0::el9
Create a notification for this product.
Red Hat RHEM 1.1 for RHEL 10 Unaffected: 0:1.1.3-1.el10em , < * (rpm)
    cpe:/a:redhat:edge_manager:1.1::el10
Create a notification for this product.
Red Hat RHEM 1.1 for RHEL 9 Unaffected: 0:1.1.3-1.el9em , < * (rpm)
    cpe:/a:redhat:edge_manager:1.1:el9
Create a notification for this product.
Red Hat DevWorkspace Operator 0.42 Unaffected: 1782401674 , < * (rpm)
    cpe:/a:redhat:devworkspace:0.42::el9
Create a notification for this product.
Red Hat multicluster engine for Kubernetes 2.8 Unaffected: 1782160196 , < * (rpm)
    cpe:/a:redhat:multicluster_engine:2.8::el9
Create a notification for this product.
Red Hat multicluster engine for Kubernetes 2.8 Unaffected: 1782477094 , < * (rpm)
    cpe:/a:redhat:multicluster_engine:2.8::el9
Create a notification for this product.
Red Hat multicluster engine for Kubernetes 2.8 Unaffected: 1782160009 , < * (rpm)
    cpe:/a:redhat:multicluster_engine:2.8::el9
Create a notification for this product.
Red Hat multicluster engine for Kubernetes 2.8 Unaffected: 1782160210 , < * (rpm)
    cpe:/a:redhat:multicluster_engine:2.8::el9
Create a notification for this product.
Red Hat multicluster engine for Kubernetes 2.8 Unaffected: 1782160541 , < * (rpm)
    cpe:/a:redhat:multicluster_engine:2.8::el9
Create a notification for this product.
Red Hat multicluster engine for Kubernetes 2.8 Unaffected: 1782159773 , < * (rpm)
    cpe:/a:redhat:multicluster_engine:2.8::el9
Create a notification for this product.
Red Hat Red Hat Advanced Cluster Management for Kubernetes 2.13 Unaffected: 1782383730 , < * (rpm)
    cpe:/a:redhat:acm:2.13::el9
Create a notification for this product.
Red Hat Red Hat Advanced Cluster Management for Kubernetes 2.13 Unaffected: 1782488873 , < * (rpm)
    cpe:/a:redhat:acm:2.13::el9
Create a notification for this product.
Red Hat Red Hat Advanced Cluster Management for Kubernetes 2.13 Unaffected: 1782382711 , < * (rpm)
    cpe:/a:redhat:acm:2.13::el9
Create a notification for this product.
Red Hat Red Hat Advanced Cluster Security for Kubernetes 4.10 Unaffected: 1781686458 , < * (rpm)
    cpe:/a:redhat:advanced_cluster_security:4.10::el8
Create a notification for this product.
Red Hat Red Hat Advanced Cluster Security for Kubernetes 4.11 Unaffected: 1783352589 , < * (rpm)
    cpe:/a:redhat:advanced_cluster_security:4.11::el9
Create a notification for this product.
Red Hat Red Hat Advanced Cluster Security for Kubernetes 4.9 Unaffected: 1781686446 , < * (rpm)
    cpe:/a:redhat:advanced_cluster_security:4.9::el8
Create a notification for this product.
Red Hat Red Hat Edge Manager 1.0 Unaffected: 1783502025 , < * (rpm)
    cpe:/a:redhat:edge_manager:1.0::el9
Create a notification for this product.
Red Hat Red Hat Edge Manager 1.1 Unaffected: 1784196588 , < * (rpm)
    cpe:/a:redhat:edge_manager:1.1::el10
Create a notification for this product.
Red Hat Red Hat Edge Manager 1.1 Unaffected: 1784126780 , < * (rpm)
    cpe:/a:redhat:edge_manager:1.1::el9
Create a notification for this product.
Red Hat Red Hat Enterprise Linux AI 3.4 Unaffected: 1782804957 , < * (rpm)
    cpe:/a:redhat:enterprise_linux_ai:3.4::el9
Create a notification for this product.
Red Hat Red Hat Enterprise Linux AI 3.4 Unaffected: 1782758407 , < * (rpm)
    cpe:/a:redhat:enterprise_linux_ai:3.4::el9
Create a notification for this product.
Red Hat Red Hat Enterprise Linux AI 3.4 Unaffected: 1782758410 , < * (rpm)
    cpe:/a:redhat:enterprise_linux_ai:3.4::el9
Create a notification for this product.
Red Hat Red Hat Enterprise Linux AI 3.4 Unaffected: 1782754093 , < * (rpm)
    cpe:/a:redhat:enterprise_linux_ai:3.4::el9
Create a notification for this product.
Red Hat Red Hat Enterprise Linux AI 3.4 Unaffected: 1782744816 , < * (rpm)
    cpe:/a:redhat:enterprise_linux_ai:3.4::el9
Create a notification for this product.
Red Hat Red Hat Enterprise Linux AI 3.4 Unaffected: 1782758409 , < * (rpm)
    cpe:/a:redhat:enterprise_linux_ai:3.4::el9
Create a notification for this product.
Red Hat Red Hat Enterprise Linux AI 3.4 Unaffected: 1782744830 , < * (rpm)
    cpe:/a:redhat:enterprise_linux_ai:3.4::el9
Create a notification for this product.
Red Hat Red Hat Hardened Images Unaffected: 1.25.11-2.hum1 , < * (rpm)
    cpe:/a:redhat:hummingbird:1
Create a notification for this product.
Red Hat Red Hat Hardened Images Unaffected: 1.26.4-2.hum1 , < * (rpm)
    cpe:/a:redhat:hummingbird:1
Create a notification for this product.
Red Hat Red Hat OpenShift AI 3.3 Unaffected: 1782471656 , < * (rpm)
    cpe:/a:redhat:openshift_ai:3.3::el9
Create a notification for this product.
Red Hat Red Hat OpenShift Builds 1.7.4 Unaffected: 1783057868 , < * (rpm)
    cpe:/a:redhat:openshift_builds:1.7::el9
Create a notification for this product.
Red Hat Red Hat OpenShift Builds 1.8.1 Unaffected: 1784121108 , < * (rpm)
    cpe:/a:redhat:openshift_builds:1.8::el9
Create a notification for this product.
Red Hat Red Hat OpenShift Builds 1.8.1 Unaffected: 1783612119 , < * (rpm)
    cpe:/a:redhat:openshift_builds:1.8::el9
Create a notification for this product.
Red Hat Red Hat Openshift Data Foundation 4.22 Unaffected: 1782932114 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.22::el9
Create a notification for this product.
Red Hat Red Hat Openshift Data Foundation 4.22 Unaffected: 1782931768 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.22::el9
Create a notification for this product.
Red Hat Red Hat Openshift Data Foundation 4.22 Unaffected: 1782932104 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.22::el9
Create a notification for this product.
Red Hat Red Hat Openshift Data Foundation 4.22 Unaffected: 1783536000 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.22::el9
Create a notification for this product.
Red Hat Red Hat Openshift Data Foundation 4.22 Unaffected: 1783535989 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.22::el9
Create a notification for this product.
Red Hat Red Hat Openshift Data Foundation 4.22 Unaffected: 1783536515 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.22::el9
Create a notification for this product.
Red Hat Red Hat Openshift Data Foundation 4.22 Unaffected: 1782932521 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.22::el9
Create a notification for this product.
Red Hat Red Hat Openshift Data Foundation 4.22 Unaffected: 1783018461 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.22::el9
Create a notification for this product.
Red Hat Red Hat Openshift Data Foundation 4.22 Unaffected: 1783018421 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.22::el9
Create a notification for this product.
Red Hat Red Hat Openshift Data Foundation 4.22 Unaffected: 1782932812 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.22::el9
Create a notification for this product.
Red Hat Red Hat Openshift Data Foundation 4.22 Unaffected: 1783537001 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.22::el9
Create a notification for this product.
Red Hat Red Hat Openshift Data Foundation 4.22 Unaffected: 1782932919 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.22::el9
Create a notification for this product.
Red Hat Red Hat Openshift Data Foundation 4.22 Unaffected: 1783537586 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.22::el9
Create a notification for this product.
Red Hat Red Hat Openshift Data Foundation 4.22 Unaffected: 1782932969 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.22::el9
Create a notification for this product.
Red Hat Red Hat Openshift Data Foundation 4.22 Unaffected: 1782933015 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.22::el9
Create a notification for this product.
Red Hat Red Hat Openshift Data Foundation 4.22 Unaffected: 1782933042 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.22::el9
Create a notification for this product.
Red Hat Red Hat Openshift Data Foundation 4.22 Unaffected: 1783537392 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.22::el9
Create a notification for this product.
Red Hat Red Hat Openshift Data Foundation 4.22 Unaffected: 1782933235 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.22::el9
Create a notification for this product.
Red Hat Red Hat Openshift Data Foundation 4.22 Unaffected: 1782933251 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.22::el9
Create a notification for this product.
Red Hat Red Hat Openshift Data Foundation 4.22 Unaffected: 1783537955 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.22::el9
Create a notification for this product.
Red Hat Red Hat Openshift Data Foundation 4.22 Unaffected: 1782933417 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.22::el9
Create a notification for this product.
Red Hat Red Hat Openshift Data Foundation 4.22 Unaffected: 1783537742 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.22::el9
Create a notification for this product.
Red Hat Red Hat Openshift Data Foundation 4.22 Unaffected: 1782933602 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.22::el9
Create a notification for this product.
Red Hat Red Hat Openshift Data Foundation 4.22 Unaffected: 1783019377 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.22::el9
Create a notification for this product.
Red Hat Red Hat Openshift Data Foundation 4.22 Unaffected: 1782934054 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.22::el9
Create a notification for this product.
Red Hat Red Hat Openshift Data Foundation 4.22 Unaffected: 1782934036 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.22::el9
Create a notification for this product.
Red Hat Red Hat Openshift Data Foundation 4.22 Unaffected: 1782934284 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.22::el9
Create a notification for this product.
Red Hat Red Hat OpenShift Dev Spaces 3.29 Unaffected: 1782403274 , < * (rpm)
    cpe:/a:redhat:openshift_devspaces:3.29::el9
Create a notification for this product.
Red Hat Red Hat Trusted Artifact Signer 1.4 Unaffected: 4-1.4.2 , < * (rpm)
    cpe:/a:redhat:trusted_artifact_signer:1.4::el9
Create a notification for this product.
Red Hat Assisted Installer for Red Hat OpenShift Container Platform 2     cpe:/a:redhat:assisted_installer:2
Create a notification for this product.
Red Hat cert-manager Operator for Red Hat OpenShift     cpe:/a:redhat:cert_manager:1
Create a notification for this product.
Red Hat Confidential Compute Attestation     cpe:/a:redhat:confidential_compute_attestation:1
Create a notification for this product.
Red Hat Cryostat 4     cpe:/a:redhat:cryostat:4
Create a notification for this product.
Red Hat External Secrets Operator for Red Hat OpenShift     cpe:/a:redhat:external_secrets_operator:1
Create a notification for this product.
Red Hat Multicluster Engine for Kubernetes     cpe:/a:redhat:multicluster_engine
Create a notification for this product.
Red Hat OpenShift API for Data Protection     cpe:/a:redhat:openshift_api_data_protection:1
Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
Create a notification for this product.
Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
Create a notification for this product.
Red Hat Red Hat Ceph Storage 9     cpe:/a:redhat:ceph_storage:9
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
Red Hat Red Hat Enterprise Linux AI (RHEL AI) 3     cpe:/a:redhat:enterprise_linux_ai:3
Create a notification for this product.
Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
Create a notification for this product.
Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Red Hat Red Hat OpenShift for Windows Containers     cpe:/a:redhat:windows_machine_config
Create a notification for this product.
Red Hat Red Hat OpenShift GitOps     cpe:/a:redhat:openshift_gitops:1
Create a notification for this product.
Red Hat Red Hat OpenShift on AWS     cpe:/a:redhat:openshift_service_on_aws:1
Create a notification for this product.
Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
Create a notification for this product.
Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
Create a notification for this product.
Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
Create a notification for this product.
Red Hat Red Hat OpenStack Platform 18.0     cpe:/a:redhat:openstack:18.0
Create a notification for this product.
Red Hat Red Hat Quay 3     cpe:/a:redhat:quay:3
Create a notification for this product.
Red Hat Security Profiles Operator     cpe:/a:redhat:openshift_security_profiles_operator:1
Create a notification for this product.
Red Hat Zero Trust Workload Identity Manager     cpe:/a:redhat:zero_trust_workload_identity_manager:1
Create a notification for this product.
Red Hat Zero Trust Workload Identity Manager - Tech Preview     cpe:/a:redhat:zero_trust_workload_identity_manager:0
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 10,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "CHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-46595",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-22T18:21:12.222019Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-863",
                "description": "CWE-863 Incorrect Authorization",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-22T18:21:43.315Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "affected": [
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:edge_manager:1.0::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "flightctl",
            "product": "RHEM 1.0 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:1.0.3-1.el9em",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:edge_manager:1.1::el10"
            ],
            "defaultStatus": "affected",
            "packageName": "flightctl",
            "product": "RHEM 1.1 for RHEL 10",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:1.1.3-1.el10em",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:edge_manager:1.1:el9"
            ],
            "defaultStatus": "affected",
            "packageName": "flightctl",
            "product": "RHEM 1.1 for RHEL 9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0:1.1.3-1.el9em",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:devworkspace:0.42::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "devworkspace/devworkspace-rhel9-operator",
            "product": "DevWorkspace Operator 0.42",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782401674",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:multicluster_engine:2.8::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "multicluster-engine/addon-manager-rhel9",
            "product": "multicluster engine for Kubernetes 2.8",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782160196",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:multicluster_engine:2.8::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "multicluster-engine/kube-rbac-proxy-mce-rhel9",
            "product": "multicluster engine for Kubernetes 2.8",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782477094",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:multicluster_engine:2.8::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "multicluster-engine/placement-rhel9",
            "product": "multicluster engine for Kubernetes 2.8",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782160009",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:multicluster_engine:2.8::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "multicluster-engine/registration-operator-rhel9",
            "product": "multicluster engine for Kubernetes 2.8",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782160210",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:multicluster_engine:2.8::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "multicluster-engine/registration-rhel9",
            "product": "multicluster engine for Kubernetes 2.8",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782160541",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:multicluster_engine:2.8::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "multicluster-engine/work-rhel9",
            "product": "multicluster engine for Kubernetes 2.8",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782159773",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:acm:2.13::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "rhacm2/acm-grafana-rhel9",
            "product": "Red Hat Advanced Cluster Management for Kubernetes 2.13",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782383730",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:acm:2.13::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "rhacm2/kube-rbac-proxy-rhel9",
            "product": "Red Hat Advanced Cluster Management for Kubernetes 2.13",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782488873",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:acm:2.13::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "rhacm2/multicluster-observability-rhel9-operator",
            "product": "Red Hat Advanced Cluster Management for Kubernetes 2.13",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782382711",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:advanced_cluster_security:4.10::el8"
            ],
            "defaultStatus": "affected",
            "packageName": "advanced-cluster-security/rhacs-main-rhel8",
            "product": "Red Hat Advanced Cluster Security for Kubernetes 4.10",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1781686458",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:advanced_cluster_security:4.11::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "advanced-cluster-security/rhacs-main-rhel9",
            "product": "Red Hat Advanced Cluster Security for Kubernetes 4.11",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1783352589",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:advanced_cluster_security:4.9::el8"
            ],
            "defaultStatus": "affected",
            "packageName": "advanced-cluster-security/rhacs-main-rhel8",
            "product": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1781686446",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:edge_manager:1.0::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "rhem/flightctl-api-rhel9",
            "product": "Red Hat Edge Manager 1.0",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1783502025",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:edge_manager:1.1::el10"
            ],
            "defaultStatus": "affected",
            "packageName": "rhem/flightctl-api-rhel10",
            "product": "Red Hat Edge Manager 1.1",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1784196588",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:edge_manager:1.1::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "rhem/flightctl-api-rhel9",
            "product": "Red Hat Edge Manager 1.1",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1784126780",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:enterprise_linux_ai:3.4::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "rhelai3/disk-image-cuda-rhel9",
            "product": "Red Hat Enterprise Linux AI 3.4",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782804957",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:enterprise_linux_ai:3.4::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "rhelai3/bootc-aws-cuda-rhel9",
            "product": "Red Hat Enterprise Linux AI 3.4",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782758407",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:enterprise_linux_ai:3.4::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "rhelai3/bootc-azure-cuda-rhel9",
            "product": "Red Hat Enterprise Linux AI 3.4",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782758410",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:enterprise_linux_ai:3.4::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "rhelai3/bootc-azure-rocm-rhel9",
            "product": "Red Hat Enterprise Linux AI 3.4",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782754093",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:enterprise_linux_ai:3.4::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "rhelai3/bootc-cuda-rhel9",
            "product": "Red Hat Enterprise Linux AI 3.4",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782744816",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:enterprise_linux_ai:3.4::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "rhelai3/bootc-gcp-cuda-rhel9",
            "product": "Red Hat Enterprise Linux AI 3.4",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782758409",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:enterprise_linux_ai:3.4::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "rhelai3/bootc-rocm-rhel9",
            "product": "Red Hat Enterprise Linux AI 3.4",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782744830",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:hummingbird:1"
            ],
            "defaultStatus": "affected",
            "packageName": "golang1-25-main",
            "product": "Red Hat Hardened Images",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1.25.11-2.hum1",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:hummingbird:1"
            ],
            "defaultStatus": "affected",
            "packageName": "golang1-26-main",
            "product": "Red Hat Hardened Images",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1.26.4-2.hum1",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_ai:3.3::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "rhoai/odh-trainer-rhel9",
            "product": "Red Hat OpenShift AI 3.3",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782471656",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_builds:1.7::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "openshift-builds/openshift-builds-waiters-rhel9",
            "product": "Red Hat OpenShift Builds 1.7.4",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1783057868",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_builds:1.8::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "openshift-builds/openshift-builds-rhel9-operator",
            "product": "Red Hat OpenShift Builds 1.8.1",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1784121108",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_builds:1.8::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "openshift-builds/openshift-builds-waiters-rhel9",
            "product": "Red Hat OpenShift Builds 1.8.1",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1783612119",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4.22::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "odf4/cephcsi-rhel9",
            "product": "Red Hat Openshift Data Foundation 4.22",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782932114",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4.22::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "odf4/cephcsi-rhel9-operator",
            "product": "Red Hat Openshift Data Foundation 4.22",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782931768",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4.22::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "odf4/devicefinder-rhel9",
            "product": "Red Hat Openshift Data Foundation 4.22",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782932104",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4.22::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "odf4/mcg-core-rhel9",
            "product": "Red Hat Openshift Data Foundation 4.22",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1783536000",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4.22::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "odf4/mcg-rhel9-operator",
            "product": "Red Hat Openshift Data Foundation 4.22",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1783535989",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4.22::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "odf4/ocs-client-console-rhel9",
            "product": "Red Hat Openshift Data Foundation 4.22",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1783536515",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4.22::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "odf4/ocs-client-rhel9-operator",
            "product": "Red Hat Openshift Data Foundation 4.22",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782932521",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4.22::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "odf4/ocs-metrics-exporter-rhel9",
            "product": "Red Hat Openshift Data Foundation 4.22",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1783018461",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4.22::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "odf4/ocs-rhel9-operator",
            "product": "Red Hat Openshift Data Foundation 4.22",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1783018421",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4.22::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "odf4/odf-blackbox-exporter-rhel9",
            "product": "Red Hat Openshift Data Foundation 4.22",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782932812",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4.22::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "odf4/odf-cli-rhel9",
            "product": "Red Hat Openshift Data Foundation 4.22",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1783537001",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4.22::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "odf4/odf-cloudnative-pg-rhel9-operator",
            "product": "Red Hat Openshift Data Foundation 4.22",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782932919",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4.22::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "odf4/odf-console-rhel9",
            "product": "Red Hat Openshift Data Foundation 4.22",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1783537586",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4.22::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "odf4/odf-cosi-sidecar-rhel9",
            "product": "Red Hat Openshift Data Foundation 4.22",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782932969",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4.22::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "odf4/odf-csi-addons-rhel9-operator",
            "product": "Red Hat Openshift Data Foundation 4.22",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782933015",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4.22::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "odf4/odf-csi-addons-sidecar-rhel9",
            "product": "Red Hat Openshift Data Foundation 4.22",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782933042",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4.22::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "odf4/odf-drbd-rhel9",
            "product": "Red Hat Openshift Data Foundation 4.22",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1783537392",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4.22::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "odf4/odf-external-snapshotter-rhel9-operator",
            "product": "Red Hat Openshift Data Foundation 4.22",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782933235",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4.22::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "odf4/odf-external-snapshotter-sidecar-rhel9",
            "product": "Red Hat Openshift Data Foundation 4.22",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782933251",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4.22::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "odf4/odf-multicluster-console-rhel9",
            "product": "Red Hat Openshift Data Foundation 4.22",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1783537955",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4.22::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "odf4/odf-multicluster-rhel9-operator",
            "product": "Red Hat Openshift Data Foundation 4.22",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782933417",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4.22::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "odf4/odf-must-gather-rhel9",
            "product": "Red Hat Openshift Data Foundation 4.22",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1783537742",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4.22::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "odf4/odf-rhel9-operator",
            "product": "Red Hat Openshift Data Foundation 4.22",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782933602",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4.22::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "odf4/odr-rhel9-operator",
            "product": "Red Hat Openshift Data Foundation 4.22",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1783019377",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4.22::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "odf4/odr-volsync-plugin-mover-rhel9",
            "product": "Red Hat Openshift Data Foundation 4.22",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782934054",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4.22::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "odf4/odr-volsync-plugin-rhel9-operator",
            "product": "Red Hat Openshift Data Foundation 4.22",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782934036",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_data_foundation:4.22::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "odf4/rook-ceph-rhel9-operator",
            "product": "Red Hat Openshift Data Foundation 4.22",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782934284",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:openshift_devspaces:3.29::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "devspaces/traefik-rhel9",
            "product": "Red Hat OpenShift Dev Spaces 3.29",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1782403274",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:trusted_artifact_signer:1.4::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "conforma-cli-stack-v1",
            "product": "Red Hat Trusted Artifact Signer 1.4",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "4-1.4.2",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:assisted_installer:2"
            ],
            "defaultStatus": "affected",
            "packageName": "assisted/agent-preinstall-image-builder-rhel9",
            "product": "Assisted Installer for Red Hat OpenShift Container Platform 2",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:cert_manager:1"
            ],
            "defaultStatus": "affected",
            "packageName": "cert-manager/jetstack-cert-manager-rhel9",
            "product": "cert-manager Operator for Red Hat OpenShift",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:confidential_compute_attestation:1"
            ],
            "defaultStatus": "affected",
            "packageName": "openshift-sandboxed-containers/osc-rhel9-operator",
            "product": "Confidential Compute Attestation",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:cryostat:4"
            ],
            "defaultStatus": "affected",
            "packageName": "cryostat/cryostat-storage-rhel9",
            "product": "Cryostat 4",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:external_secrets_operator:1"
            ],
            "defaultStatus": "affected",
            "packageName": "external-secrets-operator/external-secrets-rhel9",
            "product": "External Secrets Operator for Red Hat OpenShift",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:multicluster_engine"
            ],
            "defaultStatus": "affected",
            "packageName": "multicluster-engine/assisted-service-8-rhel8",
            "product": "Multicluster Engine for Kubernetes",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:multicluster_engine"
            ],
            "defaultStatus": "affected",
            "packageName": "multicluster-engine/assisted-service-9-rhel9",
            "product": "Multicluster Engine for Kubernetes",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:multicluster_engine"
            ],
            "defaultStatus": "affected",
            "packageName": "multicluster-engine/backplane-rhel9-operator",
            "product": "Multicluster Engine for Kubernetes",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:multicluster_engine"
            ],
            "defaultStatus": "affected",
            "packageName": "multicluster-engine/cluster-image-set-controller-rhel9",
            "product": "Multicluster Engine for Kubernetes",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:multicluster_engine"
            ],
            "defaultStatus": "unknown",
            "packageName": "multicluster-engine/hypershift-addon-rhel9-operator",
            "product": "Multicluster Engine for Kubernetes",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:multicluster_engine"
            ],
            "defaultStatus": "affected",
            "packageName": "multicluster-engine/managedcluster-import-controller",
            "product": "Multicluster Engine for Kubernetes",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:multicluster_engine"
            ],
            "defaultStatus": "affected",
            "packageName": "multicluster-engine/multicloud-manager-rhel9",
            "product": "Multicluster Engine for Kubernetes",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:openshift_api_data_protection:1"
            ],
            "defaultStatus": "unknown",
            "packageName": "oadp/oadp-velero-rhel9",
            "product": "OpenShift API for Data Protection",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:openshift_pipelines:1"
            ],
            "defaultStatus": "affected",
            "packageName": "openshift-pipelines-client",
            "product": "OpenShift Pipelines",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:serverless:1"
            ],
            "defaultStatus": "affected",
            "packageName": "openshift-serverless-1/kn-plugin-func-func-util-rhel9",
            "product": "OpenShift Serverless",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:serverless:1"
            ],
            "defaultStatus": "affected",
            "packageName": "openshift-serverless-clients",
            "product": "OpenShift Serverless",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:acm:2"
            ],
            "defaultStatus": "affected",
            "packageName": "rhacm2/multicloud-integrations-rhel9",
            "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:acm:2"
            ],
            "defaultStatus": "affected",
            "packageName": "rhacm2/multiclusterhub-rhel9",
            "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:acm:2"
            ],
            "defaultStatus": "affected",
            "packageName": "rhacm2/multicluster-operators-channel-rhel9",
            "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:acm:2"
            ],
            "defaultStatus": "affected",
            "packageName": "rhacm2/multicluster-operators-subscription-rhel9",
            "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:acm:2"
            ],
            "defaultStatus": "affected",
            "packageName": "rhacm2/observatorium-rhel9-operator",
            "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:acm:2"
            ],
            "defaultStatus": "affected",
            "packageName": "rhacm2/volsync-rhel9",
            "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:ceph_storage:9"
            ],
            "defaultStatus": "affected",
            "packageName": "rhceph/alloy-rhel10",
            "product": "Red Hat Ceph Storage 9",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:10"
            ],
            "defaultStatus": "unaffected",
            "packageName": "buildah",
            "product": "Red Hat Enterprise Linux 10",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:10"
            ],
            "defaultStatus": "unaffected",
            "packageName": "golang",
            "product": "Red Hat Enterprise Linux 10",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:10"
            ],
            "defaultStatus": "affected",
            "packageName": "gvisor-tap-vsock",
            "product": "Red Hat Enterprise Linux 10",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:10"
            ],
            "defaultStatus": "unaffected",
            "packageName": "podman",
            "product": "Red Hat Enterprise Linux 10",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:10"
            ],
            "defaultStatus": "unaffected",
            "packageName": "trustee",
            "product": "Red Hat Enterprise Linux 10",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:8"
            ],
            "defaultStatus": "unaffected",
            "packageName": "container-tools:rhel8/buildah",
            "product": "Red Hat Enterprise Linux 8",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:8"
            ],
            "defaultStatus": "unaffected",
            "packageName": "container-tools:rhel8/podman",
            "product": "Red Hat Enterprise Linux 8",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:8"
            ],
            "defaultStatus": "unaffected",
            "packageName": "golang",
            "product": "Red Hat Enterprise Linux 8",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:9"
            ],
            "defaultStatus": "unaffected",
            "packageName": "buildah",
            "product": "Red Hat Enterprise Linux 9",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:9"
            ],
            "defaultStatus": "unaffected",
            "packageName": "golang",
            "product": "Red Hat Enterprise Linux 9",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:9"
            ],
            "defaultStatus": "affected",
            "packageName": "gvisor-tap-vsock",
            "product": "Red Hat Enterprise Linux 9",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:9"
            ],
            "defaultStatus": "unaffected",
            "packageName": "podman",
            "product": "Red Hat Enterprise Linux 9",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:enterprise_linux_ai:3"
            ],
            "defaultStatus": "affected",
            "packageName": "golang",
            "product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:openshift_ai"
            ],
            "defaultStatus": "affected",
            "packageName": "rhoai/odh-data-science-pipelines-argo-argoexec-rhel9",
            "product": "Red Hat OpenShift AI (RHOAI)",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:openshift_ai"
            ],
            "defaultStatus": "affected",
            "packageName": "rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9",
            "product": "Red Hat OpenShift AI (RHOAI)",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:openshift_ai"
            ],
            "defaultStatus": "unaffected",
            "packageName": "rhoai/odh-model-registry-rhel8",
            "product": "Red Hat OpenShift AI (RHOAI)",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:openshift_ai"
            ],
            "defaultStatus": "unaffected",
            "packageName": "rhoai/odh-model-registry-rhel9",
            "product": "Red Hat OpenShift AI (RHOAI)",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:openshift:4"
            ],
            "defaultStatus": "affected",
            "packageName": "cri-o",
            "product": "Red Hat OpenShift Container Platform 4",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:openshift:4"
            ],
            "defaultStatus": "affected",
            "packageName": "microshift",
            "product": "Red Hat OpenShift Container Platform 4",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:openshift:4"
            ],
            "defaultStatus": "unaffected",
            "packageName": "openshift",
            "product": "Red Hat OpenShift Container Platform 4",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:openshift:4"
            ],
            "defaultStatus": "unknown",
            "packageName": "openshift4/ose-hypershift-rhel9",
            "product": "Red Hat OpenShift Container Platform 4",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:openshift:4"
            ],
            "defaultStatus": "unaffected",
            "packageName": "openshift4/ose-ptp",
            "product": "Red Hat OpenShift Container Platform 4",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:openshift:4"
            ],
            "defaultStatus": "affected",
            "packageName": "openshift4/ose-ptp-rhel9",
            "product": "Red Hat OpenShift Container Platform 4",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:openshift:4"
            ],
            "defaultStatus": "unaffected",
            "packageName": "openshift4/ose-vsphere-csi-driver-rhel8",
            "product": "Red Hat OpenShift Container Platform 4",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:openshift:4"
            ],
            "defaultStatus": "unaffected",
            "packageName": "openshift4/ose-vsphere-csi-driver-rhel9",
            "product": "Red Hat OpenShift Container Platform 4",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:openshift:4"
            ],
            "defaultStatus": "affected",
            "packageName": "openshift4-wincw/windows-machine-config-rhel8-operator",
            "product": "Red Hat OpenShift Container Platform 4",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:openshift:4"
            ],
            "defaultStatus": "unaffected",
            "packageName": "ose-azure-acr-image-credential-provider",
            "product": "Red Hat OpenShift Container Platform 4",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:openshift:4"
            ],
            "defaultStatus": "unaffected",
            "packageName": "podman",
            "product": "Red Hat OpenShift Container Platform 4",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:windows_machine_config"
            ],
            "defaultStatus": "affected",
            "packageName": "openshift4-wincw/windows-machine-config-rhel9-operator",
            "product": "Red Hat OpenShift for Windows Containers",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:openshift_gitops:1"
            ],
            "defaultStatus": "affected",
            "packageName": "openshift-gitops-1/argocd-rhel8",
            "product": "Red Hat OpenShift GitOps",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:openshift_gitops:1"
            ],
            "defaultStatus": "affected",
            "packageName": "openshift-gitops-1/argocd-rhel9",
            "product": "Red Hat OpenShift GitOps",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:openshift_service_on_aws:1"
            ],
            "defaultStatus": "affected",
            "packageName": "rosa",
            "product": "Red Hat OpenShift on AWS",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:container_native_virtualization:4"
            ],
            "defaultStatus": "affected",
            "packageName": "kubevirt",
            "product": "Red Hat OpenShift Virtualization 4",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:openstack:16.2"
            ],
            "defaultStatus": "unaffected",
            "packageName": "golang-googlecode-go-crypto",
            "product": "Red Hat OpenStack Platform 16.2",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:openstack:16.2"
            ],
            "defaultStatus": "unaffected",
            "packageName": "rhosp-rhel8/osp-director-agent",
            "product": "Red Hat OpenStack Platform 16.2",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:openstack:17.1"
            ],
            "defaultStatus": "unaffected",
            "packageName": "rhosp-rhel9/osp-director-agent",
            "product": "Red Hat OpenStack Platform 17.1",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:openstack:18.0"
            ],
            "defaultStatus": "affected",
            "packageName": "rhoso-operators/octavia-rhel9-operator",
            "product": "Red Hat OpenStack Platform 18.0",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:quay:3"
            ],
            "defaultStatus": "affected",
            "packageName": "quay/quay-builder-rhel8",
            "product": "Red Hat Quay 3",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:quay:3"
            ],
            "defaultStatus": "affected",
            "packageName": "quay/quay-builder-rhel9",
            "product": "Red Hat Quay 3",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:openshift_security_profiles_operator:1"
            ],
            "defaultStatus": "affected",
            "packageName": "compliance/openshift-security-profiles-rhel8-operator",
            "product": "Security Profiles Operator",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:zero_trust_workload_identity_manager:1"
            ],
            "defaultStatus": "affected",
            "packageName": "zero-trust-workload-identity-manager/spiffe-spire-agent-rhel9",
            "product": "Zero Trust Workload Identity Manager",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:zero_trust_workload_identity_manager:0"
            ],
            "defaultStatus": "affected",
            "packageName": "zero-trust-workload-identity-manager/spiffe-spire-agent-rhel9",
            "product": "Zero Trust Workload Identity Manager - Tech Preview",
            "vendor": "Red Hat"
          }
        ],
        "datePublic": "2026-05-22T02:31:27.894Z",
        "descriptions": [
          {
            "lang": "en",
            "value": "A flaw was found in golang.org/x/crypto/ssh. Source-address validation can be skipped when an SSH server configuration uses an authentication callback type other than public key, allowing authorization bypass in misconfigured servers. This is a follow-on to incomplete coverage from the CVE-2024-45337 fix."
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "namespace": "https://access.redhat.com/security/updates/classification/",
                "value": "Important"
              },
              "type": "Red Hat severity rating"
            }
          },
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 7.1,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
              "version": "3.1"
            },
            "format": "CVSS"
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-303",
                "description": "Incorrect Implementation of Authentication Algorithm",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-17T12:04:42.205Z",
          "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
          "shortName": "redhat-SADP"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2026-46595"
          },
          {
            "name": "RHBZ#2480689",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480689"
          },
          {
            "tags": [
              "x_sadp-csaf-vex"
            ],
            "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46595.json"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:41019"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:36796"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:36808"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:30651"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:26547"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:36207"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:26546"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:36651"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:40945"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:40118"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:33531"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:33524"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:23262"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:23264"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:37275"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:36648"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:41036"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:36820"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:37387"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:36797"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:30650"
          }
        ],
        "solutions": [
          {
            "lang": "en",
            "value": "RHSA-2026:41019: RHEM 1.1 for RHEL 10, RHEM 1.1 for RHEL 9"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:36796: RHEM 1.0 for RHEL 9"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:36808: DevWorkspace Operator 0.42"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:30651: Red Hat Advanced Cluster Management for Kubernetes 2.13"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:26547: Red Hat Advanced Cluster Security for Kubernetes 4.10"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:36207: Red Hat Advanced Cluster Security for Kubernetes 4.11"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:26546: Red Hat Advanced Cluster Security for Kubernetes 4.9"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:36651: Red Hat Edge Manager 1.0"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:40945: Red Hat Edge Manager 1.1"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:40118: Red Hat Edge Manager 1.1"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:33531: Red Hat Enterprise Linux AI 3.4"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:33524: Red Hat Enterprise Linux AI 3.4"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:23262: Red Hat Hardened Images"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:23264: Red Hat Hardened Images"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:37275: Red Hat OpenShift AI 3.3"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:36648: Red Hat OpenShift Builds 1.7.4"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:41036: Red Hat OpenShift Builds 1.8.1"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:36820: Red Hat OpenShift Dev Spaces 3.29"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:37387: Red Hat Openshift Data Foundation 4.22"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:36797: Red Hat Trusted Artifact Signer 1.4"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:30650: multicluster engine for Kubernetes 2.8"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2026-05-22T04:01:52.215Z",
            "value": "Reported to Red Hat."
          },
          {
            "lang": "en",
            "time": "2026-05-22T02:31:27.894Z",
            "value": "Made public."
          }
        ],
        "title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation",
        "workarounds": [
          {
            "lang": "en",
            "value": "Upgrade to a fixed golang.org/x/crypto/ssh release via updated golang or package rebuilds. Ensure SSH servers use supported public-key callback configurations with source-address validation as intended."
          }
        ],
        "x_adpType": "supplier",
        "x_generator": {
          "engine": "sadp-cli 1.0.0"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "golang.org/x/crypto/ssh",
          "product": "golang.org/x/crypto/ssh",
          "programRoutines": [
            {
              "name": "connection.serverAuthenticate"
            },
            {
              "name": "NewServerConn"
            }
          ],
          "vendor": "golang.org/x/crypto",
          "versions": [
            {
              "lessThan": "0.52.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-863: Incorrect Authorization",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-22T02:31:27.894Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://go.dev/issue/79570"
        },
        {
          "url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
        },
        {
          "url": "https://go.dev/cl/781642"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2026-5023"
        }
      ],
      "title": "Invoking  VerifiedPublicKeyCallback permissions skip enforcement in golang.org/x/crypto/ssh"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2026-46595",
    "datePublished": "2026-05-22T02:31:27.894Z",
    "dateReserved": "2026-05-15T17:35:00.813Z",
    "dateUpdated": "2026-07-17T12:04:42.205Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-46595",
      "date": "2026-07-18",
      "epss": "0.0044",
      "percentile": "0.35675"
    },
    "microsoft_vex": {
      "current_release_date": "2026-06-02T01:41:43.000Z",
      "cve": "CVE-2026-46595",
      "id": "msrc_CVE-2026-46595",
      "initial_release_date": "2026-05-02T00:00:00.000Z",
      "product_status:known_not_affected": "5",
      "source": "Microsoft CSAF VEX",
      "status": "final",
      "title": "Invoking  VerifiedPublicKeyCallback permissions skip enforcement in golang.org/x/crypto/ssh",
      "url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-46595.json",
      "version": "2"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-46595\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2026-05-22T04:16:25.550\",\"lastModified\":\"2026-07-17T13:18:50.017\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped.\"}],\"affected\":[{\"source\":\"security@golang.org\",\"affectedData\":[{\"vendor\":\"golang.org/x/crypto\",\"product\":\"golang.org/x/crypto/ssh\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://pkg.go.dev\",\"packageName\":\"golang.org/x/crypto/ssh\",\"programRoutines\":[{\"name\":\"connection.serverAuthenticate\"},{\"name\":\"NewServerConn\"}],\"versions\":[{\"version\":\"0\",\"lessThan\":\"0.52.0\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"affectedData\":[{\"vendor\":\"Red Hat\",\"product\":\"RHEM 1.0 for RHEL 9\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"flightctl\",\"cpes\":[\"cpe:/a:redhat:edge_manager:1.0::el9\"],\"versions\":[{\"version\":\"0:1.0.3-1.el9em\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"RHEM 1.1 for RHEL 10\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"flightctl\",\"cpes\":[\"cpe:/a:redhat:edge_manager:1.1::el10\"],\"versions\":[{\"version\":\"0:1.1.3-1.el10em\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"RHEM 1.1 for RHEL 9\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"flightctl\",\"cpes\":[\"cpe:/a:redhat:edge_manager:1.1:el9\"],\"versions\":[{\"version\":\"0:1.1.3-1.el9em\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"DevWorkspace Operator 0.42\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"devworkspace/devworkspace-rhel9-operator\",\"cpes\":[\"cpe:/a:redhat:devworkspace:0.42::el9\"],\"versions\":[{\"version\":\"1782401674\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"multicluster engine for Kubernetes 2.8\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"multicluster-engine/addon-manager-rhel9\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine:2.8::el9\"],\"versions\":[{\"version\":\"1782160196\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"multicluster engine for Kubernetes 2.8\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"multicluster-engine/kube-rbac-proxy-mce-rhel9\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine:2.8::el9\"],\"versions\":[{\"version\":\"1782477094\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"multicluster engine for Kubernetes 2.8\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"multicluster-engine/placement-rhel9\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine:2.8::el9\"],\"versions\":[{\"version\":\"1782160009\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"multicluster engine for Kubernetes 2.8\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"multicluster-engine/registration-operator-rhel9\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine:2.8::el9\"],\"versions\":[{\"version\":\"1782160210\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"multicluster engine for Kubernetes 2.8\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"multicluster-engine/registration-rhel9\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine:2.8::el9\"],\"versions\":[{\"version\":\"1782160541\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"multicluster engine for Kubernetes 2.8\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"multicluster-engine/work-rhel9\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine:2.8::el9\"],\"versions\":[{\"version\":\"1782159773\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Management for Kubernetes 2.13\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"rhacm2/acm-grafana-rhel9\",\"cpes\":[\"cpe:/a:redhat:acm:2.13::el9\"],\"versions\":[{\"version\":\"1782383730\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Management for Kubernetes 2.13\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"rhacm2/kube-rbac-proxy-rhel9\",\"cpes\":[\"cpe:/a:redhat:acm:2.13::el9\"],\"versions\":[{\"version\":\"1782488873\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Management for Kubernetes 2.13\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"rhacm2/multicluster-observability-rhel9-operator\",\"cpes\":[\"cpe:/a:redhat:acm:2.13::el9\"],\"versions\":[{\"version\":\"1782382711\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Security for Kubernetes 4.10\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"advanced-cluster-security/rhacs-main-rhel8\",\"cpes\":[\"cpe:/a:redhat:advanced_cluster_security:4.10::el8\"],\"versions\":[{\"version\":\"1781686458\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Security for Kubernetes 4.11\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"advanced-cluster-security/rhacs-main-rhel9\",\"cpes\":[\"cpe:/a:redhat:advanced_cluster_security:4.11::el9\"],\"versions\":[{\"version\":\"1783352589\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Security for Kubernetes 4.9\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"advanced-cluster-security/rhacs-main-rhel8\",\"cpes\":[\"cpe:/a:redhat:advanced_cluster_security:4.9::el8\"],\"versions\":[{\"version\":\"1781686446\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Edge Manager 1.0\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"rhem/flightctl-api-rhel9\",\"cpes\":[\"cpe:/a:redhat:edge_manager:1.0::el9\"],\"versions\":[{\"version\":\"1783502025\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Edge Manager 1.1\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"rhem/flightctl-api-rhel10\",\"cpes\":[\"cpe:/a:redhat:edge_manager:1.1::el10\"],\"versions\":[{\"version\":\"1784196588\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Edge Manager 1.1\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"rhem/flightctl-api-rhel9\",\"cpes\":[\"cpe:/a:redhat:edge_manager:1.1::el9\"],\"versions\":[{\"version\":\"1784126780\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AI 3.4\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"rhelai3/disk-image-cuda-rhel9\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux_ai:3.4::el9\"],\"versions\":[{\"version\":\"1782804957\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AI 3.4\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"rhelai3/bootc-aws-cuda-rhel9\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux_ai:3.4::el9\"],\"versions\":[{\"version\":\"1782758407\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AI 3.4\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"rhelai3/bootc-azure-cuda-rhel9\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux_ai:3.4::el9\"],\"versions\":[{\"version\":\"1782758410\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AI 3.4\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"rhelai3/bootc-azure-rocm-rhel9\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux_ai:3.4::el9\"],\"versions\":[{\"version\":\"1782754093\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AI 3.4\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"rhelai3/bootc-cuda-rhel9\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux_ai:3.4::el9\"],\"versions\":[{\"version\":\"1782744816\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AI 3.4\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"rhelai3/bootc-gcp-cuda-rhel9\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux_ai:3.4::el9\"],\"versions\":[{\"version\":\"1782758409\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AI 3.4\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"rhelai3/bootc-rocm-rhel9\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux_ai:3.4::el9\"],\"versions\":[{\"version\":\"1782744830\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Hardened Images\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"golang1-25-main\",\"cpes\":[\"cpe:/a:redhat:hummingbird:1\"],\"versions\":[{\"version\":\"1.25.11-2.hum1\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Hardened Images\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"golang1-26-main\",\"cpes\":[\"cpe:/a:redhat:hummingbird:1\"],\"versions\":[{\"version\":\"1.26.4-2.hum1\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI 3.3\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"rhoai/odh-trainer-rhel9\",\"cpes\":[\"cpe:/a:redhat:openshift_ai:3.3::el9\"],\"versions\":[{\"version\":\"1782471656\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Builds 1.7.4\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"openshift-builds/openshift-builds-waiters-rhel9\",\"cpes\":[\"cpe:/a:redhat:openshift_builds:1.7::el9\"],\"versions\":[{\"version\":\"1783057868\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Builds 1.8.1\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"openshift-builds/openshift-builds-rhel9-operator\",\"cpes\":[\"cpe:/a:redhat:openshift_builds:1.8::el9\"],\"versions\":[{\"version\":\"1784121108\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Builds 1.8.1\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"openshift-builds/openshift-builds-waiters-rhel9\",\"cpes\":[\"cpe:/a:redhat:openshift_builds:1.8::el9\"],\"versions\":[{\"version\":\"1783612119\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"odf4/cephcsi-rhel9\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"],\"versions\":[{\"version\":\"1782932114\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"odf4/cephcsi-rhel9-operator\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"],\"versions\":[{\"version\":\"1782931768\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"odf4/devicefinder-rhel9\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"],\"versions\":[{\"version\":\"1782932104\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"odf4/mcg-core-rhel9\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"],\"versions\":[{\"version\":\"1783536000\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"odf4/mcg-rhel9-operator\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"],\"versions\":[{\"version\":\"1783535989\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"odf4/ocs-client-console-rhel9\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"],\"versions\":[{\"version\":\"1783536515\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"odf4/ocs-client-rhel9-operator\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"],\"versions\":[{\"version\":\"1782932521\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"odf4/ocs-metrics-exporter-rhel9\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"],\"versions\":[{\"version\":\"1783018461\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"odf4/ocs-rhel9-operator\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"],\"versions\":[{\"version\":\"1783018421\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"odf4/odf-blackbox-exporter-rhel9\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"],\"versions\":[{\"version\":\"1782932812\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"odf4/odf-cli-rhel9\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"],\"versions\":[{\"version\":\"1783537001\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"odf4/odf-cloudnative-pg-rhel9-operator\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"],\"versions\":[{\"version\":\"1782932919\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"odf4/odf-console-rhel9\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"],\"versions\":[{\"version\":\"1783537586\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"odf4/odf-cosi-sidecar-rhel9\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"],\"versions\":[{\"version\":\"1782932969\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"odf4/odf-csi-addons-rhel9-operator\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"],\"versions\":[{\"version\":\"1782933015\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"odf4/odf-csi-addons-sidecar-rhel9\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"],\"versions\":[{\"version\":\"1782933042\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"odf4/odf-drbd-rhel9\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"],\"versions\":[{\"version\":\"1783537392\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"odf4/odf-external-snapshotter-rhel9-operator\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"],\"versions\":[{\"version\":\"1782933235\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"odf4/odf-external-snapshotter-sidecar-rhel9\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"],\"versions\":[{\"version\":\"1782933251\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"odf4/odf-multicluster-console-rhel9\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"],\"versions\":[{\"version\":\"1783537955\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"odf4/odf-multicluster-rhel9-operator\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"],\"versions\":[{\"version\":\"1782933417\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"odf4/odf-must-gather-rhel9\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"],\"versions\":[{\"version\":\"1783537742\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"odf4/odf-rhel9-operator\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"],\"versions\":[{\"version\":\"1782933602\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"odf4/odr-rhel9-operator\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"],\"versions\":[{\"version\":\"1783019377\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"odf4/odr-volsync-plugin-mover-rhel9\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"],\"versions\":[{\"version\":\"1782934054\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"odf4/odr-volsync-plugin-rhel9-operator\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"],\"versions\":[{\"version\":\"1782934036\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"odf4/rook-ceph-rhel9-operator\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"],\"versions\":[{\"version\":\"1782934284\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Dev Spaces 3.29\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://catalog.redhat.com/software/containers/\",\"packageName\":\"devspaces/traefik-rhel9\",\"cpes\":[\"cpe:/a:redhat:openshift_devspaces:3.29::el9\"],\"versions\":[{\"version\":\"1782403274\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Trusted Artifact Signer 1.4\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"conforma-cli-stack-v1\",\"cpes\":[\"cpe:/a:redhat:trusted_artifact_signer:1.4::el9\"],\"versions\":[{\"version\":\"4-1.4.2\",\"lessThan\":\"*\",\"versionType\":\"rpm\",\"status\":\"unaffected\"}]},{\"vendor\":\"Red Hat\",\"product\":\"Assisted Installer for Red Hat OpenShift Container Platform 2\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"assisted/agent-preinstall-image-builder-rhel9\",\"cpes\":[\"cpe:/a:redhat:assisted_installer:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"cert-manager Operator for Red Hat OpenShift\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"cert-manager/jetstack-cert-manager-rhel9\",\"cpes\":[\"cpe:/a:redhat:cert_manager:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Confidential Compute Attestation\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"openshift-sandboxed-containers/osc-rhel9-operator\",\"cpes\":[\"cpe:/a:redhat:confidential_compute_attestation:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Cryostat 4\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"cryostat/cryostat-storage-rhel9\",\"cpes\":[\"cpe:/a:redhat:cryostat:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"External Secrets Operator for Red Hat OpenShift\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"external-secrets-operator/external-secrets-rhel9\",\"cpes\":[\"cpe:/a:redhat:external_secrets_operator:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Engine for Kubernetes\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"multicluster-engine/assisted-service-8-rhel8\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Engine for Kubernetes\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"multicluster-engine/assisted-service-9-rhel9\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Engine for Kubernetes\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"multicluster-engine/backplane-rhel9-operator\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Engine for Kubernetes\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"multicluster-engine/cluster-image-set-controller-rhel9\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Engine for Kubernetes\",\"defaultStatus\":\"unknown\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"multicluster-engine/hypershift-addon-rhel9-operator\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Engine for Kubernetes\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"multicluster-engine/managedcluster-import-controller\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Engine for Kubernetes\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"multicluster-engine/multicloud-manager-rhel9\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift API for Data Protection\",\"defaultStatus\":\"unknown\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"oadp/oadp-velero-rhel9\",\"cpes\":[\"cpe:/a:redhat:openshift_api_data_protection:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Pipelines\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"openshift-pipelines-client\",\"cpes\":[\"cpe:/a:redhat:openshift_pipelines:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Serverless\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"openshift-serverless-1/kn-plugin-func-func-util-rhel9\",\"cpes\":[\"cpe:/a:redhat:serverless:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Serverless\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"openshift-serverless-clients\",\"cpes\":[\"cpe:/a:redhat:serverless:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Management for Kubernetes 2\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"rhacm2/multicloud-integrations-rhel9\",\"cpes\":[\"cpe:/a:redhat:acm:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Management for Kubernetes 2\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"rhacm2/multiclusterhub-rhel9\",\"cpes\":[\"cpe:/a:redhat:acm:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Management for Kubernetes 2\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"rhacm2/multicluster-operators-channel-rhel9\",\"cpes\":[\"cpe:/a:redhat:acm:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Management for Kubernetes 2\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"rhacm2/multicluster-operators-subscription-rhel9\",\"cpes\":[\"cpe:/a:redhat:acm:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Management for Kubernetes 2\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"rhacm2/observatorium-rhel9-operator\",\"cpes\":[\"cpe:/a:redhat:acm:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Management for Kubernetes 2\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"rhacm2/volsync-rhel9\",\"cpes\":[\"cpe:/a:redhat:acm:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ceph Storage 9\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"rhceph/alloy-rhel10\",\"cpes\":[\"cpe:/a:redhat:ceph_storage:9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 10\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"buildah\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 10\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"golang\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 10\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"gvisor-tap-vsock\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 10\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"podman\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 10\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"trustee\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 8\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"container-tools:rhel8/buildah\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 8\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"container-tools:rhel8/podman\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 8\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"golang\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 9\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"buildah\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 9\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"golang\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 9\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"gvisor-tap-vsock\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 9\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"podman\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AI (RHEL AI) 3\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"golang\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux_ai:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI (RHOAI)\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"rhoai/odh-data-science-pipelines-argo-argoexec-rhel9\",\"cpes\":[\"cpe:/a:redhat:openshift_ai\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI (RHOAI)\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9\",\"cpes\":[\"cpe:/a:redhat:openshift_ai\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI (RHOAI)\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"rhoai/odh-model-registry-rhel8\",\"cpes\":[\"cpe:/a:redhat:openshift_ai\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI (RHOAI)\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"rhoai/odh-model-registry-rhel9\",\"cpes\":[\"cpe:/a:redhat:openshift_ai\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"cri-o\",\"cpes\":[\"cpe:/a:redhat:openshift:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"microshift\",\"cpes\":[\"cpe:/a:redhat:openshift:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"openshift\",\"cpes\":[\"cpe:/a:redhat:openshift:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4\",\"defaultStatus\":\"unknown\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"openshift4/ose-hypershift-rhel9\",\"cpes\":[\"cpe:/a:redhat:openshift:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"openshift4/ose-ptp\",\"cpes\":[\"cpe:/a:redhat:openshift:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"openshift4/ose-ptp-rhel9\",\"cpes\":[\"cpe:/a:redhat:openshift:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"openshift4/ose-vsphere-csi-driver-rhel8\",\"cpes\":[\"cpe:/a:redhat:openshift:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"openshift4/ose-vsphere-csi-driver-rhel9\",\"cpes\":[\"cpe:/a:redhat:openshift:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"openshift4-wincw/windows-machine-config-rhel8-operator\",\"cpes\":[\"cpe:/a:redhat:openshift:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"ose-azure-acr-image-credential-provider\",\"cpes\":[\"cpe:/a:redhat:openshift:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"podman\",\"cpes\":[\"cpe:/a:redhat:openshift:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift for Windows Containers\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"openshift4-wincw/windows-machine-config-rhel9-operator\",\"cpes\":[\"cpe:/a:redhat:windows_machine_config\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift GitOps\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"openshift-gitops-1/argocd-rhel8\",\"cpes\":[\"cpe:/a:redhat:openshift_gitops:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift GitOps\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"openshift-gitops-1/argocd-rhel9\",\"cpes\":[\"cpe:/a:redhat:openshift_gitops:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift on AWS\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"rosa\",\"cpes\":[\"cpe:/a:redhat:openshift_service_on_aws:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Virtualization 4\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"kubevirt\",\"cpes\":[\"cpe:/a:redhat:container_native_virtualization:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenStack Platform 16.2\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"golang-googlecode-go-crypto\",\"cpes\":[\"cpe:/a:redhat:openstack:16.2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenStack Platform 16.2\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"rhosp-rhel8/osp-director-agent\",\"cpes\":[\"cpe:/a:redhat:openstack:16.2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenStack Platform 17.1\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"rhosp-rhel9/osp-director-agent\",\"cpes\":[\"cpe:/a:redhat:openstack:17.1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenStack Platform 18.0\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"rhoso-operators/octavia-rhel9-operator\",\"cpes\":[\"cpe:/a:redhat:openstack:18.0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"quay/quay-builder-rhel8\",\"cpes\":[\"cpe:/a:redhat:quay:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"quay/quay-builder-rhel9\",\"cpes\":[\"cpe:/a:redhat:quay:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Security Profiles Operator\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"compliance/openshift-security-profiles-rhel8-operator\",\"cpes\":[\"cpe:/a:redhat:openshift_security_profiles_operator:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Zero Trust Workload Identity Manager\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"zero-trust-workload-identity-manager/spiffe-spire-agent-rhel9\",\"cpes\":[\"cpe:/a:redhat:zero_trust_workload_identity_manager:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Zero Trust Workload Identity Manager - Tech Preview\",\"defaultStatus\":\"affected\",\"collectionURL\":\"https://access.redhat.com/downloads/content/package-browser/\",\"packageName\":\"zero-trust-workload-identity-manager/spiffe-spire-agent-rhel9\",\"cpes\":[\"cpe:/a:redhat:zero_trust_workload_identity_manager:0\"]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L\",\"baseScore\":10.0,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":6.0},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":1.6,\"impactScore\":5.5}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-05-22T18:21:12.222019Z\",\"id\":\"CVE-2026-46595\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-863\"}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-303\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:crypto:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"0.52.0\",\"matchCriteriaId\":\"D540395B-31B8-4B07-8F79-F5C631BBD5C8\"}]}]}],\"references\":[{\"url\":\"https://go.dev/cl/781642\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://go.dev/issue/79570\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/a082jnz-LvI\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2026-5023\",\"source\":\"security@golang.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:23262\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:23264\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26546\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26547\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:30650\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:30651\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:33524\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:33531\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36207\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36648\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36651\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36796\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36797\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36808\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36820\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:37275\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:37387\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:40118\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:40945\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:41019\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:41036\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2026-46595\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2480689\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46595.json\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"}]}}",
    "redhat_vex": {
      "aggregate_severity": "Important",
      "current_release_date": "2026-07-17T07:25:01+00:00",
      "cve": "CVE-2026-46595",
      "id": "CVE-2026-46595",
      "initial_release_date": "2026-05-22T02:31:27.894000+00:00",
      "product_status:fixed": "237",
      "product_status:known_affected": "61",
      "product_status:known_not_affected": "987",
      "product_status:under_investigation": "3",
      "source": "Red Hat CSAF VEX",
      "status": "final",
      "title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation",
      "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46595.json",
      "version": "3"
    },
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:edge_manager:1.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"RHEM 1.0 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.0.3-1.el9em\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"flightctl\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:edge_manager:1.1::el10\"], \"vendor\": \"Red Hat\", \"product\": \"RHEM 1.1 for RHEL 10\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.1.3-1.el10em\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"flightctl\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:edge_manager:1.1:el9\"], \"vendor\": \"Red Hat\", \"product\": \"RHEM 1.1 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.1.3-1.el9em\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"flightctl\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:devworkspace:0.42::el9\"], \"vendor\": \"Red Hat\", \"product\": \"DevWorkspace Operator 0.42\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782401674\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"devworkspace/devworkspace-rhel9-operator\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine:2.8::el9\"], \"vendor\": \"Red Hat\", \"product\": \"multicluster engine for Kubernetes 2.8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782160196\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"multicluster-engine/addon-manager-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine:2.8::el9\"], \"vendor\": \"Red Hat\", \"product\": \"multicluster engine for Kubernetes 2.8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782477094\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"multicluster-engine/kube-rbac-proxy-mce-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine:2.8::el9\"], \"vendor\": \"Red Hat\", \"product\": \"multicluster engine for Kubernetes 2.8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782160009\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"multicluster-engine/placement-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine:2.8::el9\"], \"vendor\": \"Red Hat\", \"product\": \"multicluster engine for Kubernetes 2.8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782160210\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"multicluster-engine/registration-operator-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine:2.8::el9\"], \"vendor\": \"Red Hat\", \"product\": \"multicluster engine for Kubernetes 2.8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782160541\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"multicluster-engine/registration-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine:2.8::el9\"], \"vendor\": \"Red Hat\", \"product\": \"multicluster engine for Kubernetes 2.8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782159773\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"multicluster-engine/work-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2.13::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2.13\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782383730\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhacm2/acm-grafana-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2.13::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2.13\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782488873\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhacm2/kube-rbac-proxy-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2.13::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2.13\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782382711\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhacm2/multicluster-observability-rhel9-operator\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.10::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security for Kubernetes 4.10\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1781686458\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"advanced-cluster-security/rhacs-main-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.11::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security for Kubernetes 4.11\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1783352589\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"advanced-cluster-security/rhacs-main-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.9::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security for Kubernetes 4.9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1781686446\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"advanced-cluster-security/rhacs-main-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:edge_manager:1.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Edge Manager 1.0\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1783502025\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhem/flightctl-api-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:edge_manager:1.1::el10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Edge Manager 1.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1784196588\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhem/flightctl-api-rhel10\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:edge_manager:1.1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Edge Manager 1.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1784126780\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhem/flightctl-api-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_ai:3.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AI 3.4\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782804957\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhelai3/disk-image-cuda-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_ai:3.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AI 3.4\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782758407\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhelai3/bootc-aws-cuda-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_ai:3.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AI 3.4\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782758410\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhelai3/bootc-azure-cuda-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_ai:3.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AI 3.4\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782754093\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhelai3/bootc-azure-rocm-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_ai:3.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AI 3.4\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782744816\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhelai3/bootc-cuda-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_ai:3.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AI 3.4\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782758409\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhelai3/bootc-gcp-cuda-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_ai:3.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AI 3.4\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782744830\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhelai3/bootc-rocm-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:hummingbird:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Hardened Images\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1.25.11-2.hum1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"golang1-25-main\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:hummingbird:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Hardened Images\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1.26.4-2.hum1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"golang1-26-main\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai:3.3::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI 3.3\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782471656\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"rhoai/odh-trainer-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_builds:1.7::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Builds 1.7.4\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1783057868\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openshift-builds/openshift-builds-waiters-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_builds:1.8::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Builds 1.8.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1784121108\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openshift-builds/openshift-builds-rhel9-operator\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_builds:1.8::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Builds 1.8.1\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1783612119\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"openshift-builds/openshift-builds-waiters-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782932114\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"odf4/cephcsi-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782931768\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"odf4/cephcsi-rhel9-operator\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782932104\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"odf4/devicefinder-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1783536000\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"odf4/mcg-core-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1783535989\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"odf4/mcg-rhel9-operator\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1783536515\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"odf4/ocs-client-console-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782932521\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"odf4/ocs-client-rhel9-operator\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1783018461\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"odf4/ocs-metrics-exporter-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1783018421\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"odf4/ocs-rhel9-operator\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782932812\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"odf4/odf-blackbox-exporter-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1783537001\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"odf4/odf-cli-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782932919\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"odf4/odf-cloudnative-pg-rhel9-operator\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1783537586\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"odf4/odf-console-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782932969\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"odf4/odf-cosi-sidecar-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782933015\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"odf4/odf-csi-addons-rhel9-operator\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782933042\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"odf4/odf-csi-addons-sidecar-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1783537392\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"odf4/odf-drbd-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782933235\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"odf4/odf-external-snapshotter-rhel9-operator\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782933251\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"odf4/odf-external-snapshotter-sidecar-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1783537955\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"odf4/odf-multicluster-console-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782933417\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"odf4/odf-multicluster-rhel9-operator\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1783537742\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"odf4/odf-must-gather-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782933602\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"odf4/odf-rhel9-operator\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1783019377\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"odf4/odr-rhel9-operator\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782934054\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"odf4/odr-volsync-plugin-mover-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782934036\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"odf4/odr-volsync-plugin-rhel9-operator\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782934284\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"odf4/rook-ceph-rhel9-operator\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_devspaces:3.29::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Dev Spaces 3.29\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1782403274\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"devspaces/traefik-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:trusted_artifact_signer:1.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Trusted Artifact Signer 1.4\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"4-1.4.2\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"conforma-cli-stack-v1\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:assisted_installer:2\"], \"vendor\": \"Red Hat\", \"product\": \"Assisted Installer for Red Hat OpenShift Container Platform 2\", \"packageName\": \"assisted/agent-preinstall-image-builder-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:cert_manager:1\"], \"vendor\": \"Red Hat\", \"product\": \"cert-manager Operator for Red Hat OpenShift\", \"packageName\": \"cert-manager/jetstack-cert-manager-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:confidential_compute_attestation:1\"], \"vendor\": \"Red Hat\", \"product\": \"Confidential Compute Attestation\", \"packageName\": \"openshift-sandboxed-containers/osc-rhel9-operator\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:cryostat:4\"], \"vendor\": \"Red Hat\", \"product\": \"Cryostat 4\", \"packageName\": \"cryostat/cryostat-storage-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:external_secrets_operator:1\"], \"vendor\": \"Red Hat\", \"product\": \"External Secrets Operator for Red Hat OpenShift\", \"packageName\": \"external-secrets-operator/external-secrets-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Engine for Kubernetes\", \"packageName\": \"multicluster-engine/assisted-service-8-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Engine for Kubernetes\", \"packageName\": \"multicluster-engine/assisted-service-9-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Engine for Kubernetes\", \"packageName\": \"multicluster-engine/backplane-rhel9-operator\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Engine for Kubernetes\", \"packageName\": \"multicluster-engine/cluster-image-set-controller-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Engine for Kubernetes\", \"packageName\": \"multicluster-engine/hypershift-addon-rhel9-operator\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Engine for Kubernetes\", \"packageName\": \"multicluster-engine/managedcluster-import-controller\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Engine for Kubernetes\", \"packageName\": \"multicluster-engine/multicloud-manager-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_api_data_protection:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift API for Data Protection\", \"packageName\": \"oadp/oadp-velero-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines-client\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:serverless:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Serverless\", \"packageName\": \"openshift-serverless-1/kn-plugin-func-func-util-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:serverless:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Serverless\", \"packageName\": \"openshift-serverless-clients\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2\", \"packageName\": \"rhacm2/multicloud-integrations-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2\", \"packageName\": \"rhacm2/multiclusterhub-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2\", \"packageName\": \"rhacm2/multicluster-operators-channel-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2\", \"packageName\": \"rhacm2/multicluster-operators-subscription-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2\", \"packageName\": \"rhacm2/observatorium-rhel9-operator\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2\", \"packageName\": \"rhacm2/volsync-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ceph_storage:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ceph Storage 9\", \"packageName\": \"rhceph/alloy-rhel10\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"packageName\": \"buildah\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"packageName\": \"golang\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"packageName\": \"gvisor-tap-vsock\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"packageName\": \"podman\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"packageName\": \"trustee\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"packageName\": \"container-tools:rhel8/buildah\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"packageName\": \"container-tools:rhel8/podman\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"packageName\": \"golang\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"packageName\": \"buildah\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"packageName\": \"golang\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"packageName\": \"gvisor-tap-vsock\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"packageName\": \"podman\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_ai:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AI (RHEL AI) 3\", \"packageName\": \"golang\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI (RHOAI)\", \"packageName\": \"rhoai/odh-data-science-pipelines-argo-argoexec-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI (RHOAI)\", \"packageName\": \"rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI (RHOAI)\", \"packageName\": \"rhoai/odh-model-registry-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI (RHOAI)\", \"packageName\": \"rhoai/odh-model-registry-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"packageName\": \"cri-o\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"packageName\": \"microshift\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"packageName\": \"openshift\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"packageName\": \"openshift4/ose-hypershift-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"packageName\": \"openshift4/ose-ptp\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"packageName\": \"openshift4/ose-ptp-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"packageName\": \"openshift4/ose-vsphere-csi-driver-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"packageName\": \"openshift4/ose-vsphere-csi-driver-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"packageName\": \"openshift4-wincw/windows-machine-config-rhel8-operator\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"packageName\": \"ose-azure-acr-image-credential-provider\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"packageName\": \"podman\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:windows_machine_config\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift for Windows Containers\", \"packageName\": \"openshift4-wincw/windows-machine-config-rhel9-operator\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_gitops:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift GitOps\", \"packageName\": \"openshift-gitops-1/argocd-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_gitops:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift GitOps\", \"packageName\": \"openshift-gitops-1/argocd-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_service_on_aws:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift on AWS\", \"packageName\": \"rosa\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Virtualization 4\", \"packageName\": \"kubevirt\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:16.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 16.2\", \"packageName\": \"golang-googlecode-go-crypto\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:16.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 16.2\", \"packageName\": \"rhosp-rhel8/osp-director-agent\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:17.1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 17.1\", \"packageName\": \"rhosp-rhel9/osp-director-agent\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:18.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 18.0\", \"packageName\": \"rhoso-operators/octavia-rhel9-operator\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3\", \"packageName\": \"quay/quay-builder-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3\", \"packageName\": \"quay/quay-builder-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_security_profiles_operator:1\"], \"vendor\": \"Red Hat\", \"product\": \"Security Profiles Operator\", \"packageName\": \"compliance/openshift-security-profiles-rhel8-operator\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:zero_trust_workload_identity_manager:1\"], \"vendor\": \"Red Hat\", \"product\": \"Zero Trust Workload Identity Manager\", \"packageName\": \"zero-trust-workload-identity-manager/spiffe-spire-agent-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:zero_trust_workload_identity_manager:0\"], \"vendor\": \"Red Hat\", \"product\": \"Zero Trust Workload Identity Manager - Tech Preview\", \"packageName\": \"zero-trust-workload-identity-manager/spiffe-spire-agent-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-05-22T04:01:52.215Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2026-05-22T02:31:27.894Z\", \"value\": \"Made public.\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"RHSA-2026:41019: RHEM 1.1 for RHEL 10, RHEM 1.1 for RHEL 9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36796: RHEM 1.0 for RHEL 9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36808: DevWorkspace Operator 0.42\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:30651: Red Hat Advanced Cluster Management for Kubernetes 2.13\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:26547: Red Hat Advanced Cluster Security for Kubernetes 4.10\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36207: Red Hat Advanced Cluster Security for Kubernetes 4.11\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:26546: Red Hat Advanced Cluster Security for Kubernetes 4.9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36651: Red Hat Edge Manager 1.0\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:40945: Red Hat Edge Manager 1.1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:40118: Red Hat Edge Manager 1.1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33531: Red Hat Enterprise Linux AI 3.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33524: Red Hat Enterprise Linux AI 3.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:23262: Red Hat Hardened Images\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:23264: Red Hat Hardened Images\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:37275: Red Hat OpenShift AI 3.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36648: Red Hat OpenShift Builds 1.7.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:41036: Red Hat OpenShift Builds 1.8.1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36820: Red Hat OpenShift Dev Spaces 3.29\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:37387: Red Hat Openshift Data Foundation 4.22\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36797: Red Hat Trusted Artifact Signer 1.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:30650: multicluster engine for Kubernetes 2.8\"}], \"x_adpType\": \"supplier\", \"datePublic\": \"2026-05-22T02:31:27.894Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2026-46595\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2480689\", \"name\": \"RHBZ#2480689\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46595.json\", \"tags\": [\"x_sadp-csaf-vex\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:41019\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36796\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36808\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:30651\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:26547\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36207\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:26546\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36651\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:40945\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:40118\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33531\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33524\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:23262\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:23264\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:37275\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36648\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:41036\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36820\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:37387\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36797\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:30650\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Upgrade to a fixed golang.org/x/crypto/ssh release via updated golang or package rebuilds. Ensure SSH servers use supported public-key callback configurations with source-address validation as intended.\"}], \"x_generator\": {\"engine\": \"sadp-cli 1.0.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in golang.org/x/crypto/ssh. Source-address validation can be skipped when an SSH server configuration uses an authentication callback type other than public key, allowing authorization bypass in misconfigured servers. This is a follow-on to incomplete coverage from the CVE-2024-45337 fix.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-303\", \"description\": \"Incorrect Implementation of Authentication Algorithm\"}]}], \"providerMetadata\": {\"orgId\": \"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\", \"shortName\": \"redhat-SADP\", \"dateUpdated\": \"2026-07-17T12:04:42.205Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 10, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-46595\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-22T18:21:12.222019Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-863\", \"description\": \"CWE-863 Incorrect Authorization\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-22T18:20:15.936Z\"}}], \"cna\": {\"title\": \"Invoking  VerifiedPublicKeyCallback permissions skip enforcement in golang.org/x/crypto/ssh\", \"affected\": [{\"vendor\": \"golang.org/x/crypto\", \"product\": \"golang.org/x/crypto/ssh\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"0.52.0\", \"versionType\": \"semver\"}], \"packageName\": \"golang.org/x/crypto/ssh\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"connection.serverAuthenticate\"}, {\"name\": \"NewServerConn\"}]}], \"references\": [{\"url\": \"https://go.dev/issue/79570\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/a082jnz-LvI\"}, {\"url\": \"https://go.dev/cl/781642\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2026-5023\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-863: Incorrect Authorization\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2026-05-22T02:31:27.894Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-46595\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-07-17T12:04:42.205Z\", \"dateReserved\": \"2026-05-15T17:35:00.813Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2026-05-22T02:31:27.894Z\", \"assignerShortName\": \"Go\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…