RHSA-2026:1652
Vulnerability from csaf_redhat - Published: 2026-02-02 02:51 - Updated: 2026-02-12 09:51Summary
Red Hat Security Advisory: Red Hat Ceph Storage
Notes
Topic
A new version of Red Hat build of Ceph Storage has been released
Details
The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 8.1.
This release updates to the latest version.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A new version of Red Hat build of Ceph Storage has been released",
"title": "Topic"
},
{
"category": "general",
"text": "The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 8.1.\nThis release updates to the latest version.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1652",
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-5642",
"url": "https://access.redhat.com/security/cve/CVE-2024-5642"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-13601",
"url": "https://access.redhat.com/security/cve/CVE-2025-13601"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-45582",
"url": "https://access.redhat.com/security/cve/CVE-2025-45582"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-4598",
"url": "https://access.redhat.com/security/cve/CVE-2025-4598"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59375",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6069",
"url": "https://access.redhat.com/security/cve/CVE-2025-6069"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6075",
"url": "https://access.redhat.com/security/cve/CVE-2025-6075"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61984",
"url": "https://access.redhat.com/security/cve/CVE-2025-61984"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61985",
"url": "https://access.redhat.com/security/cve/CVE-2025-61985"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66471",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68973",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6965",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-8291",
"url": "https://access.redhat.com/security/cve/CVE-2025-8291"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9230",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9714",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21441",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_ceph_storage/",
"url": "https://docs.redhat.com/en/documentation/red_hat_ceph_storage/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1652.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Ceph Storage",
"tracking": {
"current_release_date": "2026-02-12T09:51:46+00:00",
"generator": {
"date": "2026-02-12T09:51:46+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:1652",
"initial_release_date": "2026-02-02T02:51:27+00:00",
"revision_history": [
{
"date": "2026-02-02T02:51:27+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-02T02:51:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-12T09:51:46+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Ceph Storage 8",
"product": {
"name": "Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ceph_storage:8::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Ceph Storage"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3A907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768915405"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3A2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768907469"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3A9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768903190"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3A6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768902743"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"product_id": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-8-rhel9@sha256%3A9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769512383"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3A53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768903749"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3Aab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5?arch=arm64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768915405"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3Aa5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d?arch=arm64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768907469"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3A50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1?arch=arm64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768903190"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3A0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e?arch=arm64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768902743"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"product_id": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-8-rhel9@sha256%3Ac1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6?arch=arm64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769512383"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3A31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681?arch=arm64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768903749"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3A2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768915405"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3A660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768907469"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3Aa45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768903190"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3A80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768902743"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"product_id": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-8-rhel9@sha256%3A09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769512383"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3A4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768903749"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3Ab52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768915405"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3Af8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768907469"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3Afa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768903190"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3Ab97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768902743"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"product_id": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-8-rhel9@sha256%3A97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769512383"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3A6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1768903749"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-5642",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-06-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2294682"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Python/CPython that does not disallow configuring an empty list (\"[]\") for SSLContext.set_npn_protocols(), which is an invalid value for the underlying OpenSSL API. This issue results in a buffer over-read when NPN is used. See CVE -2024-5535 for OpenSSL for more information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated with a Low severity due to NPN not being widely used and specifying an empty list is likely uncommon in practice. Typically, a protocol name would be configured.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-5642"
},
{
"category": "external",
"summary": "RHBZ#2294682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-5642",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5642"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/PLP2JI3PJY33YG6P5BZYSSNU66HASXBQ/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/PLP2JI3PJY33YG6P5BZYSSNU66HASXBQ/"
}
],
"release_date": "2024-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used"
},
{
"cve": "CVE-2025-4598",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"discovery_date": "2025-05-29T19:04:54.578000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2369242"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original\u0027s privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\n\nA SUID binary or process has a special type of permission, which allows the process to run with the file owner\u0027s permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original\u0027s SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw was rated as having a severity of Moderate due to the complexity to exploit this flaw. The attacker needs to setup a way to win the race condition and have an unprivileged local account to successfully exploit this vulnerability.\n\nBy default Red Hat Enterprise Linux 8 doesn\u0027t allow systemd-coredump to create dumps of SUID programs as the /proc/sys/fs/suid_dumpable is set to 0, disabling by default this capability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-4598"
},
{
"category": "external",
"summary": "RHBZ#2369242",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369242"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4598",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4598"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/05/29/3",
"url": "https://www.openwall.com/lists/oss-security/2025/05/29/3"
}
],
"release_date": "2025-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "workaround",
"details": "This issue can be mitigated by disabling the capability of the system to generate a coredump for SUID binaries. The perform that, the following command can be ran as `root` user:\n\n~~~\necho 0 \u003e /proc/sys/fs/suid_dumpable\n~~~\n\nWhile this mitigates this vulnerability while it\u0027s not possible to update the systemd package, it disables the capability of analyzing crashes for such binaries.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump"
},
{
"cve": "CVE-2025-6069",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2025-06-17T14:00:45.339399+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373234"
}
],
"notes": [
{
"category": "description",
"text": "A denial-of-service (DoS) vulnerability has been discovered in Python\u0027s html.parser.HTMLParser class. When processing specially malformed HTML input, the parsing runtime can become quadratic with respect to the input size. This significantly increased processing time can lead to excessive resource consumption, ultimately causing a denial-of-service condition in applications that rely on this parser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: Python HTMLParser quadratic complexity",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6069"
},
{
"category": "external",
"summary": "RHBZ#2373234",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373234"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6069",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6069"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949",
"url": "https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41",
"url": "https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b",
"url": "https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/135462",
"url": "https://github.com/python/cpython/issues/135462"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/135464",
"url": "https://github.com/python/cpython/pull/135464"
}
],
"release_date": "2025-06-17T13:39:46.058000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: Python HTMLParser quadratic complexity"
},
{
"cve": "CVE-2025-6075",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-31T17:01:47.052517+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2408891"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in Python\u2019s os.path.expandvars() function that can cause performance degradation. When processing specially crafted, user-controlled input with nested environment variable patterns, the function exhibits quadratic time complexity, potentially leading to excessive CPU usage and denial of service (DoS) conditions. No code execution or data exposure occurs, so the impact is limited to performance slowdown.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python: Quadratic complexity in os.path.expandvars() with user-controlled template",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low rather than Moderate because it only causes a performance inefficiency without affecting code execution, data integrity, or confidentiality. The flaw lies in the algorithmic complexity of os.path.expandvars(), which can become quadratic when processing crafted input containing repetitive or nested environment variable references. Exploitation requires the attacker to control the input string passed to this function, which is uncommon in secure applications. Moreover, the impact is limited to increased CPU utilization and potential slowdown, not system compromise or data manipulation. Since the issue does not introduce memory corruption, privilege escalation, or information disclosure risks, its overall impact scope and exploitability are minimal, justifying a Low severity rating.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6075"
},
{
"category": "external",
"summary": "RHBZ#2408891",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2408891"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6075"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6075",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6075"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/136065",
"url": "https://github.com/python/cpython/issues/136065"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/IUP5QJ6D4KK6ULHOMPC7DPNKRYQTQNLA/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/IUP5QJ6D4KK6ULHOMPC7DPNKRYQTQNLA/"
}
],
"release_date": "2025-10-31T16:41:34.983000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "python: Quadratic complexity in os.path.expandvars() with user-controlled template"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL",
"url": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"cve": "CVE-2025-8291",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"discovery_date": "2025-10-07T19:01:23.599055+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2402342"
}
],
"notes": [
{
"category": "description",
"text": "The \u0027zipfile\u0027 module would not check the validity of the ZIP64 End of\nCentral Directory (EOCD) Locator record offset value would not be used to\nlocate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be\nassumed to be the previous record in the ZIP archive. This could be abused\nto create ZIP archives that are handled differently by the \u0027zipfile\u0027 module\ncompared to other ZIP implementations.\n\n\nRemediation maintains this behavior, but checks that the offset specified\nin the ZIP64 EOCD Locator record matches the expected value.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-8291"
},
{
"category": "external",
"summary": "RHBZ#2402342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402342"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-8291",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8291"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/162997bb70e067668c039700141770687bc8f267",
"url": "https://github.com/python/cpython/commit/162997bb70e067668c039700141770687bc8f267"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/333d4a6f4967d3ace91492a39ededbcf3faa76a6",
"url": "https://github.com/python/cpython/commit/333d4a6f4967d3ace91492a39ededbcf3faa76a6"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/139700",
"url": "https://github.com/python/cpython/issues/139700"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/139702",
"url": "https://github.com/python/cpython/pull/139702"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/QECOPWMTH4VPPJAXAH2BGTA4XADOP62G/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/QECOPWMTH4VPPJAXAH2BGTA4XADOP62G/"
}
],
"release_date": "2025-10-07T18:10:05.908000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked"
},
{
"cve": "CVE-2025-9230",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-09-17T12:15:34.387000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396054"
}
],
"notes": [
{
"category": "description",
"text": "Issue summary: An application trying to decrypt CMS messages encrypted using\npassword based encryption can trigger an out-of-bounds read and write.\n\nImpact summary: This out-of-bounds read may trigger a crash which leads to\nDenial of Service for an application. The out-of-bounds write can cause\na memory corruption which can have various consequences including\na Denial of Service or Execution of attacker-supplied code.\n\nAlthough the consequences of a successful exploit of this vulnerability\ncould be severe, the probability that the attacker would be able to\nperform it is low. Besides, password based (PWRI) encryption support in CMS\nmessages is very rarely used. For that reason the issue was assessed as\nModerate severity according to our Security Policy.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability was rated as Moderate because, while the potential impact includes an application level denial of service and possible arbitrary code execution, successful exploitation is considered unlikely due to the high attack complexity and the fact that password-based CMS encryption (PWRI) is rarely used in real-world deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "RHBZ#2396054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230"
}
],
"release_date": "2025-09-30T23:59:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap"
},
{
"cve": "CVE-2025-9714",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2025-09-02T13:03:56.452000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxstl/libxml2. The \u0027exsltDynMapFunction\u0027 function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling \u0027dyn:map()\u0027, leading to stack exhaustion and a local denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No evidence was found for arbitrary memory corruption through this flaw, limiting its impact to Availability only, and reducing its severity to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "RHBZ#2392605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392605"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148",
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148"
}
],
"release_date": "2025-09-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "workaround",
"details": "The impact of this flaw may be reduced by setting strict resource limits to the stack size of processes at the operational system level. This can be achieved either through the \u0027ulimit\u0027 shell built-in or the \u0027limits.conf\u0027 file.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c"
},
{
"cve": "CVE-2025-13601",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2025-11-24T12:49:28.274000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416741"
}
],
"notes": [
{
"category": "description",
"text": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glib: Integer overflow in in g_escape_uri_string()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-13601"
},
{
"category": "external",
"summary": "RHBZ#2416741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416741"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-13601",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13601"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-13601",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13601"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/glib/-/issues/3827",
"url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3827"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914",
"url": "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914"
}
],
"release_date": "2025-11-24T13:00:15.295000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "glib: Integer overflow in in g_escape_uri_string()"
},
{
"cve": "CVE-2025-45582",
"cwe": {
"id": "CWE-24",
"name": "Path Traversal: \u0027../filedir\u0027"
},
"discovery_date": "2025-07-11T17:00:47.340822+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2379592"
}
],
"notes": [
{
"category": "description",
"text": "A relative path traversal flaw was found in the gnu tar utility. When archives with relative paths are extracted without the \u2018--keep-old-files\u2019 (\u2018-k\u2019), the extraction process may overwrite existing files that the current user has access to. The server may be impacted if these files are critical to the operation of some service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tar: Tar path traversal",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-45582"
},
{
"category": "external",
"summary": "RHBZ#2379592",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379592"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-45582",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-45582"
},
{
"category": "external",
"summary": "https://github.com/i900008/vulndb/blob/main/Gnu_tar_vuln.md",
"url": "https://github.com/i900008/vulndb/blob/main/Gnu_tar_vuln.md"
},
{
"category": "external",
"summary": "https://www.gnu.org/software/tar/",
"url": "https://www.gnu.org/software/tar/"
},
{
"category": "external",
"summary": "https://www.gnu.org/software/tar/manual/html_node/Integrity.html#Integrity",
"url": "https://www.gnu.org/software/tar/manual/html_node/Integrity.html#Integrity"
}
],
"release_date": "2025-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tar: Tar path traversal"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
},
{
"cve": "CVE-2025-61984",
"cwe": {
"id": "CWE-159",
"name": "Improper Handling of Invalid Use of Special Elements"
},
"discovery_date": "2025-10-06T19:01:13.449665+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2401960"
}
],
"notes": [
{
"category": "description",
"text": "ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact is MODERATE because it is a critical component used across many Red Hat products.\nThe issue occurs only when a ProxyCommand is configured and the SSH client handles a username containing control characters from an untrusted source, such as script-generated input or expanded configuration values.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61984"
},
{
"category": "external",
"summary": "RHBZ#2401960",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401960"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61984"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61984",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61984"
},
{
"category": "external",
"summary": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2",
"url": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2"
},
{
"category": "external",
"summary": "https://www.openssh.com/releasenotes.html#10.1p1",
"url": "https://www.openssh.com/releasenotes.html#10.1p1"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/10/06/1",
"url": "https://www.openwall.com/lists/oss-security/2025/10/06/1"
}
],
"release_date": "2025-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand"
},
{
"cve": "CVE-2025-61985",
"cwe": {
"id": "CWE-158",
"name": "Improper Neutralization of Null Byte or NUL Character"
},
"discovery_date": "2025-10-06T19:01:16.841946+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2401962"
}
],
"notes": [
{
"category": "description",
"text": "ssh in OpenSSH before 10.1 allows the \u0027\\0\u0027 character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact is MODERATE because it is a critical component used across many Red Hat products.\nExploiting this vulnerability would require a specific configuration where ProxyCommand is enabled and the SSH client processes an untrusted ssh:// URI containing null bytes. Under these conditions, the command parser may misinterpret the URI and execute unintended shell commands.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61985"
},
{
"category": "external",
"summary": "RHBZ#2401962",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401962"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61985"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61985",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61985"
},
{
"category": "external",
"summary": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2",
"url": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2"
},
{
"category": "external",
"summary": "https://www.openssh.com/releasenotes.html#10.1p1",
"url": "https://www.openssh.com/releasenotes.html#10.1p1"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/10/06/1",
"url": "https://www.openwall.com/lists/oss-security/2025/10/06/1"
}
],
"release_date": "2025-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage and massive memory allocation for the decompressed data. This vulnerability is fixed in 2.6.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
},
{
"cve": "CVE-2025-66471",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-05T17:02:21.597728+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419467"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 Streaming API improperly handles highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "RHBZ#2419467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7",
"url": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37"
}
],
"release_date": "2025-12-05T16:06:08.531000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 Streaming API improperly handles highly compressed data"
},
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
},
{
"cve": "CVE-2026-21441",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-01-07T23:01:59.422078+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427726"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is an HTTP client library for Python. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "RHBZ#2427726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b",
"url": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99"
}
],
"release_date": "2026-01-07T22:09:01.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T02:51:27+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:2b5cf457f26d63afad72ab44cdc4422fb9fddb69394924d3b91c0ea5a769c180_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:907dc2b4f568b4c03c88c46ada8cfbc93b695499be6284ed6a27b04ddd01e6b9_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ab6890d8ec728ce45cdcaf794f3589fcd9fc994d34e409abb7daa7e7b7b7bab5_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b52ec296c418fa881b0e95ed15ab2042f563f805e0fddb959456ca4a8bc3c934_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:50ef4035820e9678036be404f34182b993185162861fa7812f1a50ce5a12afd1_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:9bd6c2e38c83c0298983c0194ee5e0700f925db68595e415554d39060686492e_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a45576c219dbb118701238cbb13f9f0d59e2c1f141ebd7fb40164d9aef5bc143_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:fa90f5711868742cdb5d8b9288150bdf6c190756c021f5b6c4a4283d97b260c1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:9e4f3ffb68eae556a6d34426903430173e4563eea3ea5d6720ce9b5b43c2dbda_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c1c3e3e46bb57c2c99378b7336aa2c2015b7279dcb3df7fdccc8c3dee1522ba6_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:2f0246de4436b3da81abbb1b4335f9b6ea1c2b258110d17ec839996fb5442413_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:660918f5f35b92f89cc172a37d07020874ce4a28e6b03ddc715e999594cfbffd_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:a5bf40d4c25c2fc20e141421265c890d5eca0db43fad9b8d74bef206445d4a4d_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:f8aad8047ae755ffd97d68a7cd2894ee1e454f87531f5cce75130b2ed32a695e_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:0329153c21720eeaea09eb6e2a1e7882b70c01109df8d9ff921c31e66420500e_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6926fe9ec272c61350c8f90282d69c6da8c2e07255172a36a879f7c5b20d8b6b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:80da04b7f5201a853254479a1063a37fc2c15955011996a81360e7f7cf0c29eb_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:b97bb92014a6a4cbd85c0324273e12c534c3a1809a1da1b3d2b5660b50f45320_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:31df4eb32846b4fb60838ad4f10aee1558e52312b69fb58bf128238406de0681_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:4053cae7e54ff720df9fa3eee654ba8bd91a367d51bb5075f95a1612dbca86a7_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:53c686b1767d342e5c8a5ff112b0c53db9707394fd7c7ae63b2a11ef1b3bf20d_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:6389bd532d276b37efaad5a37245699d8e055d81c4be4b30907d5a8e1ea6bc80_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…