RHSA-2026:1859
Vulnerability from csaf_redhat - Published: 2026-02-03 17:24 - Updated: 2026-02-03 20:56Summary
Red Hat Security Advisory: OpenShift Compliance Operator bug fix and enhancement update
Notes
Topic
An updated OpenShift Compliance Operator image that fixes various bugs and adds new
enhancements is now available for the Red Hat OpenShift Enterprise 4 catalog.
Details
The OpenShift Compliance Operator v1.8.2 is now available.
See the documentation for bug fix information:
https://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/security_and_compliance/compliance-operator#compliance-operator-release-notes
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated OpenShift Compliance Operator image that fixes various bugs and adds new\nenhancements is now available for the Red Hat OpenShift Enterprise 4 catalog.",
"title": "Topic"
},
{
"category": "general",
"text": "The OpenShift Compliance Operator v1.8.2 is now available.\nSee the documentation for bug fix information:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/security_and_compliance/compliance-operator#compliance-operator-release-notes",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1859",
"url": "https://access.redhat.com/errata/RHSA-2026:1859"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68973",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1859.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Compliance Operator bug fix and enhancement update",
"tracking": {
"current_release_date": "2026-02-03T20:56:16+00:00",
"generator": {
"date": "2026-02-03T20:56:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.16"
}
},
"id": "RHSA-2026:1859",
"initial_release_date": "2026-02-03T17:24:45+00:00",
"revision_history": [
{
"date": "2026-02-03T17:24:45+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-03T17:24:53+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-03T20:56:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Compliance Operator 1",
"product": {
"name": "Compliance Operator 1",
"product_id": "Compliance Operator 1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_compliance_operator:1::el9"
}
}
}
],
"category": "product_family",
"name": "Compliance Operator"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-operator-bundle@sha256%3Addc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf?arch=amd64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769512879"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-content-rhel8@sha256%3A1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f?arch=amd64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769190317"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-must-gather-rhel8@sha256%3Ab28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0?arch=amd64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769458927"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-openscap-rhel8@sha256%3Ac49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa?arch=amd64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769483309"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-rhel8-operator@sha256%3Ab91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2?arch=amd64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769458916"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-content-rhel8@sha256%3Ac3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121?arch=arm64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769190317"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-must-gather-rhel8@sha256%3Ac630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a?arch=arm64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769458927"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-openscap-rhel8@sha256%3A05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3?arch=arm64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769483309"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-rhel8-operator@sha256%3A68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371?arch=arm64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769458916"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le",
"product_id": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-content-rhel8@sha256%3A20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497?arch=ppc64le\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769190317"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le",
"product_id": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-must-gather-rhel8@sha256%3Ad4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350?arch=ppc64le\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769458927"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le",
"product_id": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-openscap-rhel8@sha256%3A050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749?arch=ppc64le\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769483309"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le",
"product_id": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-rhel8-operator@sha256%3A281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b?arch=ppc64le\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769458916"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x",
"product_id": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-content-rhel8@sha256%3Aeba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e?arch=s390x\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769190317"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x",
"product_id": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-must-gather-rhel8@sha256%3A616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5?arch=s390x\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769458927"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x",
"product_id": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-openscap-rhel8@sha256%3A381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047?arch=s390x\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769483309"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x",
"product_id": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-rhel8-operator@sha256%3A1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd?arch=s390x\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769458916"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64 as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64 as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64 as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64 as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64 as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64 as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64 as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64 as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64 as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64",
"relates_to_product_reference": "Compliance Operator 1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64"
],
"known_not_affected": [
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-03T17:24:45+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your\nsystem have been applied. For details on how to apply this update, refer to:\n \nhttps://docs.openshift.com/container-platform/latest/updating/updating_a_cluster/updating-cluster-cli.html",
"product_ids": [
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1859"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…