Vulnerability-Lookup

RHSA-2026:20938

Vulnerability from csaf_redhat - Published: 2026-05-26 14:29 - Updated: 2026-05-27 14:19

Summary

Red Hat Security Advisory: RHACS 4.9.7 security and bug fix update

Severity

Important

Notes

Topic: Updated images are now available for Red Hat Advanced Cluster Security (RHACS), which typically include new features, bug fixes, and/or security patches.

Details: See the release notes (link in the references section) for a description of the fixes and enhancements in this particular release.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2025-62718

A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.

7.0 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L

CWE-1289 - Improper Validation of Unsafe Equivalence in Input

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x	—	Vendor Fix fix Workaround

Known not affected 41 products

Product	Version	Remediation
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le	—	Workaround

Threats

Impact Important

CVE-2026-32281

A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1050 - Excessive Platform Resource Consumption within a Loop

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x	—	Vendor Fix fix Workaround

Known not affected 41 products

Product	Version	Remediation
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le	—	Workaround

Threats

Impact Moderate

CVE-2026-40175

A flaw was found in Axios, a promise-based HTTP client. This vulnerability, known as Prototype Pollution, can be exploited through a specific "Gadget" attack chain. This allows an attacker to escalate a Prototype Pollution vulnerability in a third-party dependency, potentially leading to remote code execution or a full cloud compromise, such as bypassing AWS IMDSv2.

9.0 (Critical)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x	—	Vendor Fix fix

Known not affected 41 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le		—

Threats

Impact Important

CVE-2026-40895

A flaw was found in follow-redirects. When an HTTP request follows a cross-domain redirect (a redirection to a different domain), custom authentication headers, such as X-API-Key or X-Auth-Token, are not properly stripped. This allows these sensitive headers to be forwarded verbatim to the redirect target, potentially leading to the unintended disclosure of authentication information to an untrusted third party.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-212 - Improper Removal of Sensitive Information Before Storage or Transfer

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x	—	Vendor Fix fix

Known not affected 41 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le		—

Threats

Impact Important

CVE-2026-42033

A flaw was found in Axios, an HTTP client library. This vulnerability allows an attacker to exploit a prototype pollution issue if another part of the application has already polluted the Object.prototype. By doing so, the attacker can intercept and modify JSON responses or take control of the HTTP communication. This could lead to unauthorized access to sensitive information like user credentials and request details.

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x	—	Vendor Fix fix

Known not affected 41 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le		—

Threats

Impact Important

CVE-2026-42035

A flaw was found in Axios, a software library for making network requests. A remote attacker can exploit a prototype pollution vulnerability to inject arbitrary HTTP headers into outgoing requests. This occurs when the application's core object definitions are manipulated, causing Axios to misinterpret data and include attacker-controlled headers in network communications. This could lead to unauthorized actions or data manipulation.

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x	—	Vendor Fix fix Workaround

Known not affected 41 products

Product	Version	Remediation
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le	—	Workaround

Threats

Impact Moderate

CVE-2026-42039

A flaw was found in Axios, a promise-based HTTP client for browsers and Node.js. This vulnerability occurs because the `toFormData` function recursively processes nested objects without a depth limit. A remote attacker can exploit this by sending deeply nested request data, which causes the Node.js process to crash due to a RangeError, leading to a potential Denial of Service (DoS) if the process crashes.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x	—	Vendor Fix fix

Known not affected 41 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le		—

Threats

Impact Important

CVE-2026-42041

A flaw was found in Axios, a promise-based HTTP client. This vulnerability, a Prototype Pollution "Gadget" attack, allows an attacker to manipulate the `Object.prototype.validateStatus` property. By polluting this property, all HTTP error responses (such as 401, 403, or 500) are silently treated as successful responses. This can lead to a complete bypass of application-level authentication and error handling, potentially granting unauthorized access.

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x	—	Vendor Fix fix

Known not affected 41 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le		—

Threats

Impact Important

CVE-2026-42043

A flaw was found in Axios, a promise-based HTTP client. An attacker who can control the destination address of an Axios request can exploit this vulnerability. By using specific internal network addresses (within the 127.0.0.0/8 range, excluding 127.0.0.1), the attacker can completely bypass the NO_PROXY protection, potentially leading to unauthorized access or information disclosure within the network. This issue is an incomplete fix for a previous vulnerability.

7.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

CWE-918 - Server-Side Request Forgery (SSRF)

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x	—	Vendor Fix fix

Known not affected 41 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64		—
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le		—

Threats

Impact Important

CVE-2026-42044

A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution "Gadget" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could lead to significant security breaches, including unauthorized privilege escalation, fraudulent balance manipulation, or bypassing critical authorization checks.

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x	—	Vendor Fix fix Workaround

Known not affected 41 products

Product	Version	Remediation
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64	—	Workaround
Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le	—	Workaround

Threats

Impact Important

References

74 references

URL	Category
https://access.redhat.com/errata/RHSA-2026:20938	self
https://access.redhat.com/security/cve/CVE-2025-62718	external
https://access.redhat.com/security/cve/CVE-2026-32281	external
https://access.redhat.com/security/cve/CVE-2026-40175	external
https://access.redhat.com/security/cve/CVE-2026-40895	external
https://access.redhat.com/security/cve/CVE-2026-42033	external
https://access.redhat.com/security/cve/CVE-2026-42035	external
https://access.redhat.com/security/cve/CVE-2026-42039	external
https://access.redhat.com/security/cve/CVE-2026-42041	external
https://access.redhat.com/security/cve/CVE-2026-42043	external
https://access.redhat.com/security/cve/CVE-2026-42044	external
https://access.redhat.com/security/updates/classi…	external
https://docs.redhat.com/en/documentation/red_hat_…	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2025-62718	self
https://bugzilla.redhat.com/show_bug.cgi?id=2456913	external
https://www.cve.org/CVERecord?id=CVE-2025-62718	external
https://nvd.nist.gov/vuln/detail/CVE-2025-62718	external
https://datatracker.ietf.org/doc/html/rfc1034#sec…	external
https://datatracker.ietf.org/doc/html/rfc3986#sec…	external
https://github.com/axios/axios/commit/fb3befb6daa…	external
https://github.com/axios/axios/pull/10661	external
https://github.com/axios/axios/releases/tag/v1.15.0	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-32281	self
https://bugzilla.redhat.com/show_bug.cgi?id=2456333	external
https://www.cve.org/CVERecord?id=CVE-2026-32281	external
https://nvd.nist.gov/vuln/detail/CVE-2026-32281	external
https://go.dev/cl/758061	external
https://go.dev/issue/78281	external
https://groups.google.com/g/golang-announce/c/0uY…	external
https://pkg.go.dev/vuln/GO-2026-4946	external
https://access.redhat.com/security/cve/CVE-2026-40175	self
https://bugzilla.redhat.com/show_bug.cgi?id=2457432	external
https://www.cve.org/CVERecord?id=CVE-2026-40175	external
https://nvd.nist.gov/vuln/detail/CVE-2026-40175	external
https://github.com/axios/axios/commit/363185461b9…	external
https://github.com/axios/axios/pull/10660	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-40895	self
https://bugzilla.redhat.com/show_bug.cgi?id=2460297	external
https://www.cve.org/CVERecord?id=CVE-2026-40895	external
https://nvd.nist.gov/vuln/detail/CVE-2026-40895	external
https://github.com/follow-redirects/follow-redire…	external
https://access.redhat.com/security/cve/CVE-2026-42033	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461607	external
https://www.cve.org/CVERecord?id=CVE-2026-42033	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42033	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-42035	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461606	external
https://www.cve.org/CVERecord?id=CVE-2026-42035	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42035	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-42039	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461630	external
https://www.cve.org/CVERecord?id=CVE-2026-42039	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42039	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-42041	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461629	external
https://www.cve.org/CVERecord?id=CVE-2026-42041	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42041	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-42043	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461626	external
https://www.cve.org/CVERecord?id=CVE-2026-42043	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42043	external
https://github.com/axios/axios/security/advisorie…	external
https://access.redhat.com/security/cve/CVE-2026-42044	self
https://bugzilla.redhat.com/show_bug.cgi?id=2461624	external
https://www.cve.org/CVERecord?id=CVE-2026-42044	external
https://nvd.nist.gov/vuln/detail/CVE-2026-42044	external
https://github.com/axios/axios/security/advisorie…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated images are now available for Red Hat Advanced Cluster Security\n(RHACS), which typically include new features, bug fixes, and/or\nsecurity patches.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "See the release notes (link in the references section) for a\ndescription of the fixes and enhancements in this particular release.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:20938",
        "url": "https://access.redhat.com/errata/RHSA-2026:20938"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-62718",
        "url": "https://access.redhat.com/security/cve/CVE-2025-62718"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
        "url": "https://access.redhat.com/security/cve/CVE-2026-32281"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-40175",
        "url": "https://access.redhat.com/security/cve/CVE-2026-40175"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-40895",
        "url": "https://access.redhat.com/security/cve/CVE-2026-40895"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42033",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42033"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42035",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42035"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42039",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42039"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42041",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42041"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42043",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42043"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-42044",
        "url": "https://access.redhat.com/security/cve/CVE-2026-42044"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/",
        "url": "https://access.redhat.com/security/updates/classification/"
      },
      {
        "category": "external",
        "summary": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.9/html-single/release_notes/index#about-this-release-497_release-notes-49",
        "url": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.9/html-single/release_notes/index#about-this-release-497_release-notes-49"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_20938.json"
      }
    ],
    "title": "Red Hat Security Advisory: RHACS 4.9.7 security and bug fix update",
    "tracking": {
      "current_release_date": "2026-05-27T14:19:36+00:00",
      "generator": {
        "date": "2026-05-27T14:19:36+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.1"
        }
      },
      "id": "RHSA-2026:20938",
      "initial_release_date": "2026-05-26T14:29:00+00:00",
      "revision_history": [
        {
          "date": "2026-05-26T14:29:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-05-26T14:29:12+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-05-27T14:19:36+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
                "product": {
                  "name": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
                  "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:advanced_cluster_security:4.9::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Advanced Cluster Security for Kubernetes"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1779371594"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1778780285"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-main-rhel8@sha256%3A95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1779371594"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1779371594"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-operator-bundle@sha256%3A57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=1779371594"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1779371594"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Afa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1778781018"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Ac0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1778781018"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1778781018"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1778781018"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1779371594"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1779371594"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1779371594"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1778780285"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-main-rhel8@sha256%3Aad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1779371594"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Aa0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1779371594"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1779371594"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Af71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1778781018"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1778781018"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Adc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1778781018"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1778781018"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1779371594"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1779371594"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "arm64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1779371594"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1778780285"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-main-rhel8@sha256%3A2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1779371594"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1779371594"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1779371594"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Ac1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1778781018"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Ae1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1778781018"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1778781018"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1778781018"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Afb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1779371594"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1779371594"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Ababe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1779371594"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1778780285"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-main-rhel8@sha256%3Ade5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1779371594"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Ac1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1779371594"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Aec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1779371594"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Aa493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1778781018"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1778781018"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Aa252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1778781018"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Ae9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1778781018"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1779371594"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
                "product": {
                  "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
                  "product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1779371594"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
        },
        "product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le",
        "relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-62718",
      "cwe": {
        "id": "CWE-1289",
        "name": "Improper Validation of Unsafe Equivalence in Input"
      },
      "discovery_date": "2026-04-09T15:01:48.111177+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2456913"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw has limited impact due to combination of non-default conditions to exploit: the attacker must be able to control or influence URLs passed to axios in a server-side context, the application must have both `HTTP_PROXY` and `NO_PROXY` configured, and the proxy itself must be positioned to act on the misdirected traffic or have been compromised by the attacker to intercept the rerouted traffic.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
        ],
        "known_not_affected": [
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-62718"
        },
        {
          "category": "external",
          "summary": "RHBZ#2456913",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456913"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-62718",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-62718"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718"
        },
        {
          "category": "external",
          "summary": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1",
          "url": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1"
        },
        {
          "category": "external",
          "summary": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2",
          "url": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df",
          "url": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/pull/10661",
          "url": "https://github.com/axios/axios/pull/10661"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/releases/tag/v1.15.0",
          "url": "https://github.com/axios/axios/releases/tag/v1.15.0"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5"
        }
      ],
      "release_date": "2026-04-09T14:31:46.067000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T14:29:00+00:00",
          "details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
          "product_ids": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:20938"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization"
    },
    {
      "cve": "CVE-2026-32281",
      "cwe": {
        "id": "CWE-1050",
        "name": "Excessive Platform Resource Consumption within a Loop"
      },
      "discovery_date": "2026-04-08T02:01:00.930989+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2456333"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
        ],
        "known_not_affected": [
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-32281"
        },
        {
          "category": "external",
          "summary": "RHBZ#2456333",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/758061",
          "url": "https://go.dev/cl/758061"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/78281",
          "url": "https://go.dev/issue/78281"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
          "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4946",
          "url": "https://pkg.go.dev/vuln/GO-2026-4946"
        }
      ],
      "release_date": "2026-04-08T01:06:58.354000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T14:29:00+00:00",
          "details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
          "product_ids": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:20938"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
    },
    {
      "cve": "CVE-2026-40175",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-04-10T20:02:10.296601+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2457432"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability, known as Prototype Pollution, can be exploited through a specific \"Gadget\" attack chain. This allows an attacker to escalate a Prototype Pollution vulnerability in a third-party dependency, potentially leading to remote code execution or a full cloud compromise, such as bypassing AWS IMDSv2.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Remote Code Execution via Prototype Pollution escalation",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The Axios library, a promise-based HTTP client, is susceptible to an Important prototype pollution vulnerability. This flaw, when combined with specific \"Gadget\" attack chains in third-party dependencies, can lead to remote code execution or full cloud compromise, including bypassing AWS IMDSv2.\n \nWith pollution check patch available in Axios gives an advantage, it remains vulnerable due to HTTP Header Sanitation and Server-Side Request Forgery threat.\n\nRed Hat products that incorporate the vulnerable Axios library are affected.\n\nThe openshift4/ose-monitoring-plugin-rhel9 container image is not vulnerable to this flaw. The affected component is used as a build-time dependency but it\u0027s not shipped in the final product, meaning the flaw is not present thus cannot be exploited in the container deployments.\n\nRegarding openshift4/ose-console for Product stream 4.12 and 4.13, the vulnerable component is present (indirect dependency), but the vulnerability is not exploitable in our case due to the browser runtime, where the required Node.js-specific attack vectors are not available. With this, the impact becomes low.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
        ],
        "known_not_affected": [
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-40175"
        },
        {
          "category": "external",
          "summary": "RHBZ#2457432",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457432"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-40175",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-40175"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40175",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40175"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1",
          "url": "https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/pull/10660",
          "url": "https://github.com/axios/axios/pull/10660"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/releases/tag/v1.15.0",
          "url": "https://github.com/axios/axios/releases/tag/v1.15.0"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx"
        }
      ],
      "release_date": "2026-04-10T19:23:52.285000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T14:29:00+00:00",
          "details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
          "product_ids": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:20938"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.0,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: Remote Code Execution via Prototype Pollution escalation"
    },
    {
      "cve": "CVE-2026-40895",
      "cwe": {
        "id": "CWE-212",
        "name": "Improper Removal of Sensitive Information Before Storage or Transfer"
      },
      "discovery_date": "2026-04-21T21:02:33.280553+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2460297"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in follow-redirects. When an HTTP request follows a cross-domain redirect (a redirection to a different domain), custom authentication headers, such as X-API-Key or X-Auth-Token, are not properly stripped. This allows these sensitive headers to be forwarded verbatim to the redirect target, potentially leading to the unintended disclosure of authentication information to an untrusted third party.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "follow-redirects: follow-redirects: Information disclosure via cross-domain redirects",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
        ],
        "known_not_affected": [
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-40895"
        },
        {
          "category": "external",
          "summary": "RHBZ#2460297",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460297"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-40895",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-40895"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40895",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40895"
        },
        {
          "category": "external",
          "summary": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-r4q5-vmmm-2653",
          "url": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-r4q5-vmmm-2653"
        }
      ],
      "release_date": "2026-04-21T19:59:59.759000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T14:29:00+00:00",
          "details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
          "product_ids": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:20938"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "follow-redirects: follow-redirects: Information disclosure via cross-domain redirects"
    },
    {
      "cve": "CVE-2026-42033",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-04-24T18:01:20.937507+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461607"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, an HTTP client library. This vulnerability allows an attacker to exploit a prototype pollution issue if another part of the application has already polluted the Object.prototype. By doing so, the attacker can intercept and modify JSON responses or take control of the HTTP communication. This could lead to unauthorized access to sensitive information like user credentials and request details.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: HTTP Transport Hijacking via Prototype Pollution",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
        ],
        "known_not_affected": [
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42033"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461607",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461607"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42033",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42033"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42033",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42033"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf"
        }
      ],
      "release_date": "2026-04-24T17:36:44.132000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T14:29:00+00:00",
          "details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
          "product_ids": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:20938"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: HTTP Transport Hijacking via Prototype Pollution"
    },
    {
      "cve": "CVE-2026-42035",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-04-24T18:01:17.109481+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461606"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a software library for making network requests. A remote attacker can exploit a prototype pollution vulnerability to inject arbitrary HTTP headers into outgoing requests. This occurs when the application\u0027s core object definitions are manipulated, causing Axios to misinterpret data and include attacker-controlled headers in network communications. This could lead to unauthorized actions or data manipulation.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Arbitrary HTTP header injection via prototype pollution",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
        ],
        "known_not_affected": [
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42035"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461606",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461606"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42035",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42035"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9"
        }
      ],
      "release_date": "2026-04-24T17:38:07.752000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T14:29:00+00:00",
          "details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
          "product_ids": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:20938"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "axios: Axios: Arbitrary HTTP header injection via prototype pollution"
    },
    {
      "cve": "CVE-2026-42039",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2026-04-24T19:01:44.887156+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461630"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a promise-based HTTP client for browsers and Node.js. This vulnerability occurs because the `toFormData` function recursively processes nested objects without a depth limit. A remote attacker can exploit this by sending deeply nested request data, which causes the Node.js process to crash due to a RangeError, leading to a potential Denial of Service (DoS) if the process crashes.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
        ],
        "known_not_affected": [
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42039"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461630",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461630"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42039",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42039"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42039",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42039"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9"
        }
      ],
      "release_date": "2026-04-24T18:01:30.775000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T14:29:00+00:00",
          "details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
          "product_ids": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:20938"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data"
    },
    {
      "cve": "CVE-2026-42041",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-04-24T19:01:41.034289+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461629"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability, a Prototype Pollution \"Gadget\" attack, allows an attacker to manipulate the `Object.prototype.validateStatus` property. By polluting this property, all HTTP error responses (such as 401, 403, or 500) are silently treated as successful responses. This can lead to a complete bypass of application-level authentication and error handling, potentially granting unauthorized access.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
        ],
        "known_not_affected": [
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42041"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461629",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461629"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42041",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42041"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42041",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42041"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63"
        }
      ],
      "release_date": "2026-04-24T17:55:30.036000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T14:29:00+00:00",
          "details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
          "product_ids": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:20938"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling"
    },
    {
      "cve": "CVE-2026-42043",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "discovery_date": "2026-04-24T19:01:22.552379+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461626"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a promise-based HTTP client. An attacker who can control the destination address of an Axios request can exploit this vulnerability. By using specific internal network addresses (within the 127.0.0.0/8 range, excluding 127.0.0.1), the attacker can completely bypass the NO_PROXY protection, potentially leading to unauthorized access or information disclosure within the network. This issue is an incomplete fix for a previous vulnerability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: NO_PROXY bypass via crafted URL",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
        ],
        "known_not_affected": [
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42043"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461626",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461626"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42043",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42043"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42043",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42043"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7"
        }
      ],
      "release_date": "2026-04-24T17:54:42.668000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T14:29:00+00:00",
          "details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
          "product_ids": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:20938"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: NO_PROXY bypass via crafted URL"
    },
    {
      "cve": "CVE-2026-42044",
      "cwe": {
        "id": "CWE-915",
        "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
      },
      "discovery_date": "2026-04-24T19:01:13.418725+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2461624"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution \"Gadget\" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could lead to significant security breaches, including unauthorized privilege escalation, fraudulent balance manipulation, or bypassing critical authorization checks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
        ],
        "known_not_affected": [
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
          "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-42044"
        },
        {
          "category": "external",
          "summary": "RHBZ#2461624",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461624"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-42044",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-42044"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23"
        }
      ],
      "release_date": "2026-04-24T17:49:49.517000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-26T14:29:00+00:00",
          "details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
          "product_ids": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:20938"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
            "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget"
    }
  ]
}

CVE-2025-62718 (GCVE-0-2025-62718)

Vulnerability from cvelistv5 – Published: 2026-04-09 14:31 – Updated: 2026-04-16 18:44

Title

Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF

Summary

Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0 and 0.31.0, Axios does not correctly handle hostname normalization when checking NO_PROXY rules. Requests to loopback addresses like localhost. (with a trailing dot) or [::1] (IPv6 literal) skip NO_PROXY matching and go through the configured proxy. This goes against what developers expect and lets attackers force requests through a proxy, even if NO_PROXY is set up to protect loopback or internal services. This issue leads to the possibility of proxy bypass and SSRF vulnerabilities allowing attackers to reach sensitive loopback or internal services despite the configured protections. This vulnerability is fixed in 1.15.0 and 0.31.0.

Severity

6.3 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

CWE

CWE-441 - Unintended Proxy or Intermediary ('Confused Deputy')
CWE-918 - Server-Side Request Forgery (SSRF)

Assigner

GitHub_M

References

9 references

URL	Tags
https://github.com/axios/axios/security/advisorie…	x_refsource_CONFIRM
https://github.com/axios/axios/pull/10661	x_refsource_MISC
https://github.com/axios/axios/pull/10688	x_refsource_MISC
https://github.com/axios/axios/commit/03cdfc99e8d…	x_refsource_MISC
https://github.com/axios/axios/commit/fb3befb6daa…	x_refsource_MISC
https://datatracker.ietf.org/doc/html/rfc1034#sec…	x_refsource_MISC
https://datatracker.ietf.org/doc/html/rfc3986#sec…	x_refsource_MISC
https://github.com/axios/axios/releases/tag/v0.31.0	x_refsource_MISC
https://github.com/axios/axios/releases/tag/v1.15.0	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
axios	axios	Affected: >= 1.0.0, < 1.15.0 Affected: < 0.31.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-62718",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-09T15:02:50.313939Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-09T16:15:31.322Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "axios",
          "vendor": "axios",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.0.0, \u003c 1.15.0"
            },
            {
              "status": "affected",
              "version": "\u003c 0.31.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0 and 0.31.0, Axios does not correctly handle hostname normalization when checking NO_PROXY rules. Requests to loopback addresses like localhost. (with a trailing dot) or [::1] (IPv6 literal) skip NO_PROXY matching and go through the configured proxy. This goes against what developers expect and lets attackers force requests through a proxy, even if NO_PROXY is set up to protect loopback or internal services. This issue leads to the possibility of proxy bypass and SSRF vulnerabilities allowing attackers to reach sensitive loopback or internal services despite the configured protections. This vulnerability is fixed in 1.15.0 and 0.31.0."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "LOW"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-441",
              "description": "CWE-441: Unintended Proxy or Intermediary (\u0027Confused Deputy\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-918",
              "description": "CWE-918: Server-Side Request Forgery (SSRF)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-16T18:44:20.705Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5"
        },
        {
          "name": "https://github.com/axios/axios/pull/10661",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/axios/axios/pull/10661"
        },
        {
          "name": "https://github.com/axios/axios/pull/10688",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/axios/axios/pull/10688"
        },
        {
          "name": "https://github.com/axios/axios/commit/03cdfc99e8db32a390e12128208b6778492cee9c",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/axios/axios/commit/03cdfc99e8db32a390e12128208b6778492cee9c"
        },
        {
          "name": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df"
        },
        {
          "name": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1"
        },
        {
          "name": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2"
        },
        {
          "name": "https://github.com/axios/axios/releases/tag/v0.31.0",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/axios/axios/releases/tag/v0.31.0"
        },
        {
          "name": "https://github.com/axios/axios/releases/tag/v1.15.0",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/axios/axios/releases/tag/v1.15.0"
        }
      ],
      "source": {
        "advisory": "GHSA-3p68-rc4w-qgx5",
        "discovery": "UNKNOWN"
      },
      "title": "Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-62718",
    "datePublished": "2026-04-09T14:31:46.067Z",
    "dateReserved": "2025-10-20T19:41:22.741Z",
    "dateUpdated": "2026-04-16T18:44:20.705Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-32281 (GCVE-0-2026-32281)

Vulnerability from cvelistv5 – Published: 2026-04-08 01:06 – Updated: 2026-04-13 18:19

Title

Inefficient policy validation in crypto/x509

Summary

Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-407 - Inefficient Algorithmic Complexity

Assigner

References

4 references

URL	Tags
https://go.dev/cl/758061
https://go.dev/issue/78281
https://groups.google.com/g/golang-announce/c/0uY…
https://pkg.go.dev/vuln/GO-2026-4946

Impacted products

1 product

Vendor	Product	Version
Go standard library	crypto/x509	Affected: 0 , < 1.25.9 (semver) Affected: 1.26.0-0 , < 1.26.2 (semver)

Credits

Jakub Ciolek - https://ciolek.dev

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-32281",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-13T17:52:37.734298Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-13T18:19:44.779Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "crypto/x509",
          "product": "crypto/x509",
          "programRoutines": [
            {
              "name": "policiesValid"
            },
            {
              "name": "Certificate.Verify"
            }
          ],
          "vendor": "Go standard library",
          "versions": [
            {
              "lessThan": "1.25.9",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.26.2",
              "status": "affected",
              "version": "1.26.0-0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Jakub Ciolek - https://ciolek.dev"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-407: Inefficient Algorithmic Complexity",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T01:06:58.354Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://go.dev/cl/758061"
        },
        {
          "url": "https://go.dev/issue/78281"
        },
        {
          "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2026-4946"
        }
      ],
      "title": "Inefficient policy validation in crypto/x509"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2026-32281",
    "datePublished": "2026-04-08T01:06:58.354Z",
    "dateReserved": "2026-03-11T16:38:46.556Z",
    "dateUpdated": "2026-04-13T18:19:44.779Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-40175 (GCVE-0-2026-40175)

Vulnerability from cvelistv5 – Published: 2026-04-10 19:23 – Updated: 2026-05-20 00:26

Title

Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain

Summary

Axios is a promise based HTTP client for the browser and Node.js. Versions prior to 1.15.0 and 0.3.1 are vulnerable to a specific gadget-style attack chain in which prototype pollution in a third-party dependency may be leveraged to inject unsanitized header values into outbound requests. This vulnerability is fixed in 1.15.0 and 0.3.1.

Severity

4.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE

CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')
CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CWE-918 - Server-Side Request Forgery (SSRF)

Assigner

GitHub_M

References

7 references

URL	Tags
https://github.com/axios/axios/security/advisorie…	x_refsource_CONFIRM
https://github.com/axios/axios/pull/10660	x_refsource_MISC
https://github.com/axios/axios/pull/10688	x_refsource_MISC
https://github.com/axios/axios/commit/03cdfc99e8d…	x_refsource_MISC
https://github.com/axios/axios/commit/363185461b9…	x_refsource_MISC
https://github.com/axios/axios/releases/tag/v0.31.0	x_refsource_MISC
https://github.com/axios/axios/releases/tag/v1.15.0	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
axios	axios	Affected: >= 1.0.0, < 1.15.0 Affected: < 0.31.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2026-04-13T09:32:22.149Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://github.com/axios/axios/pull/10660#issuecomment-4224168081"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-40175",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-12T20:43:26.884164Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-12T20:43:40.670Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "affected": [
          {
            "defaultStatus": "unknown",
            "product": "gWAP",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "V3.1.1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-12T12:09:07.347Z",
          "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
          "shortName": "siemens-SADP"
        },
        "references": [
          {
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-876049.html"
          }
        ],
        "x_adpType": "supplier"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "axios",
          "vendor": "axios",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.0.0, \u003c 1.15.0"
            },
            {
              "status": "affected",
              "version": "\u003c 0.31.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Axios is a promise based HTTP client for the browser and Node.js. Versions prior to 1.15.0 and 0.3.1 are vulnerable to a specific gadget-style attack chain in which prototype pollution in a third-party dependency may be leveraged to inject unsanitized header values into outbound requests. This vulnerability is fixed in 1.15.0 and 0.3.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-113",
              "description": "CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-444",
              "description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-918",
              "description": "CWE-918: Server-Side Request Forgery (SSRF)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-20T00:26:34.868Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx"
        },
        {
          "name": "https://github.com/axios/axios/pull/10660",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/axios/axios/pull/10660"
        },
        {
          "name": "https://github.com/axios/axios/pull/10688",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/axios/axios/pull/10688"
        },
        {
          "name": "https://github.com/axios/axios/commit/03cdfc99e8db32a390e12128208b6778492cee9c",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/axios/axios/commit/03cdfc99e8db32a390e12128208b6778492cee9c"
        },
        {
          "name": "https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1"
        },
        {
          "name": "https://github.com/axios/axios/releases/tag/v0.31.0",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/axios/axios/releases/tag/v0.31.0"
        },
        {
          "name": "https://github.com/axios/axios/releases/tag/v1.15.0",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/axios/axios/releases/tag/v1.15.0"
        }
      ],
      "source": {
        "advisory": "GHSA-fvcv-3m26-pcqx",
        "discovery": "UNKNOWN"
      },
      "title": "Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-40175",
    "datePublished": "2026-04-10T19:23:52.285Z",
    "dateReserved": "2026-04-09T20:59:17.618Z",
    "dateUpdated": "2026-05-20T00:26:34.868Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-40895 (GCVE-0-2026-40895)

Vulnerability from cvelistv5 – Published: 2026-04-21 19:59 – Updated: 2026-04-22 13:31

Title

follow-redirects: Custom Authentication Headers Leaked to Cross-Domain Redirect Targets

Summary

follow-redirects is an open source, drop-in replacement for Node's `http` and `https` modules that automatically follows redirects. Prior to 1.16.0, when an HTTP request follows a cross-domain redirect (301/302/307/308), follow-redirects only strips authorization, proxy-authorization, and cookie headers (matched by regex at index.js). Any custom authentication header (e.g., X-API-Key, X-Auth-Token, Api-Key, Token) is forwarded verbatim to the redirect target. This vulnerability is fixed in 1.16.0.

Severity

6.9 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

CWE

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Assigner

GitHub_M

References

1 reference

URL	Tags
https://github.com/follow-redirects/follow-redire…	x_refsource_CONFIRM

Impacted products

1 product

Vendor	Product	Version
follow-redirects	follow-redirects	Affected: < 1.16.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-40895",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-22T13:31:13.035788Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-22T13:31:34.652Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "follow-redirects",
          "vendor": "follow-redirects",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.16.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "follow-redirects is an open source, drop-in replacement for Node\u0027s `http` and `https` modules that automatically follows redirects. Prior to 1.16.0, when an HTTP request follows a cross-domain redirect (301/302/307/308), follow-redirects only strips authorization, proxy-authorization, and cookie headers (matched by regex at index.js). Any custom authentication header (e.g., X-API-Key, X-Auth-Token, Api-Key, Token) is forwarded verbatim to the redirect target. This vulnerability is fixed in 1.16.0."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-21T19:59:59.759Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-r4q5-vmmm-2653",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-r4q5-vmmm-2653"
        }
      ],
      "source": {
        "advisory": "GHSA-r4q5-vmmm-2653",
        "discovery": "UNKNOWN"
      },
      "title": "follow-redirects: Custom Authentication Headers Leaked to Cross-Domain Redirect Targets"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-40895",
    "datePublished": "2026-04-21T19:59:59.759Z",
    "dateReserved": "2026-04-15T16:37:22.766Z",
    "dateUpdated": "2026-04-22T13:31:34.652Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-42033 (GCVE-0-2026-42033)

Vulnerability from cvelistv5 – Published: 2026-04-24 17:36 – Updated: 2026-04-25 03:55

Title

Axios: Prototype Pollution Gadgets - Response Tampering, Data Exfiltration, and Request Hijacking

Summary

Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, when Object.prototype has been polluted by any co-dependency with keys that axios reads without a hasOwnProperty guard, an attacker can (a) silently intercept and modify every JSON response before the application sees it, or (b) fully hijack the underlying HTTP transport, gaining access to request credentials, headers, and body. The precondition is prototype pollution from a separate source in the same process. This vulnerability is fixed in 1.15.1 and 0.31.1.

Severity

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE

CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Assigner

GitHub_M

References

1 reference

URL	Tags
https://github.com/axios/axios/security/advisorie…	x_refsource_CONFIRM

Impacted products

1 product

Vendor	Product	Version
axios	axios	Affected: >= 1.0.0, < 1.15.1 Affected: < 0.31.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-42033",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-24T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-25T03:55:57.725Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "axios",
          "vendor": "axios",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.0.0, \u003c 1.15.1"
            },
            {
              "status": "affected",
              "version": "\u003c 0.31.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, when Object.prototype has been polluted by any co-dependency with keys that axios reads without a hasOwnProperty guard, an attacker can (a) silently intercept and modify every JSON response before the application sees it, or (b) fully hijack the underlying HTTP transport, gaining access to request credentials, headers, and body. The precondition is prototype pollution from a separate source in the same process. This vulnerability is fixed in 1.15.1 and 0.31.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1321",
              "description": "CWE-1321: Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-24T17:36:44.132Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf"
        }
      ],
      "source": {
        "advisory": "GHSA-pf86-5x62-jrwf",
        "discovery": "UNKNOWN"
      },
      "title": "Axios: Prototype Pollution Gadgets - Response Tampering, Data Exfiltration, and Request Hijacking"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-42033",
    "datePublished": "2026-04-24T17:36:44.132Z",
    "dateReserved": "2026-04-23T16:05:01.708Z",
    "dateUpdated": "2026-04-25T03:55:57.725Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-42035 (GCVE-0-2026-42035)

Vulnerability from cvelistv5 – Published: 2026-04-24 17:38 – Updated: 2026-04-25 03:55

Title

Axios: Header Injection via Prototype Pollution

Summary

Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, a prototype pollution gadget exists in the Axios HTTP adapter (lib/adapters/http.js) that allows an attacker to inject arbitrary HTTP headers into outgoing requests. The vulnerability exploits duck-type checking of the data payload, where if Object.prototype is polluted with getHeaders, append, pipe, on, once, and Symbol.toStringTag, Axios misidentifies any plain object payload as a FormData instance and calls the attacker-controlled getHeaders() function, merging the returned headers into the outgoing request. The vulnerable code resides exclusively in lib/adapters/http.js. The prototype pollution source does not need to originate from Axios itself — any prototype pollution primitive in any dependency in the application's dependency tree is sufficient to trigger this gadget. This vulnerability is fixed in 1.15.1 and 0.31.1.

Severity

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE

CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')
CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Assigner

GitHub_M

References

1 reference

URL	Tags
https://github.com/axios/axios/security/advisorie…	x_refsource_CONFIRM

Impacted products

1 product

Vendor	Product	Version
axios	axios	Affected: >= 1.0.0, < 1.15.1 Affected: < 0.31.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-42035",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-24T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-25T03:55:59.169Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "axios",
          "vendor": "axios",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.0.0, \u003c 1.15.1"
            },
            {
              "status": "affected",
              "version": "\u003c 0.31.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, a prototype pollution gadget exists in the Axios HTTP adapter (lib/adapters/http.js) that allows an attacker to inject arbitrary HTTP headers into outgoing requests. The vulnerability exploits duck-type checking of the data payload, where if Object.prototype is polluted with getHeaders, append, pipe, on, once, and Symbol.toStringTag, Axios misidentifies any plain object payload as a FormData instance and calls the attacker-controlled getHeaders() function, merging the returned headers into the outgoing request. The vulnerable code resides exclusively in lib/adapters/http.js. The prototype pollution source does not need to originate from Axios itself \u2014 any prototype pollution primitive in any dependency in the application\u0027s dependency tree is sufficient to trigger this gadget. This vulnerability is fixed in 1.15.1 and 0.31.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-113",
              "description": "CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-1321",
              "description": "CWE-1321: Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-24T17:38:07.752Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9"
        }
      ],
      "source": {
        "advisory": "GHSA-6chq-wfr3-2hj9",
        "discovery": "UNKNOWN"
      },
      "title": "Axios: Header Injection via Prototype Pollution"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-42035",
    "datePublished": "2026-04-24T17:38:07.752Z",
    "dateReserved": "2026-04-23T16:05:01.708Z",
    "dateUpdated": "2026-04-25T03:55:59.169Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-42039 (GCVE-0-2026-42039)

Vulnerability from cvelistv5 – Published: 2026-04-24 18:01 – Updated: 2026-04-24 18:14

Title

Axios: unbounded recursion in toFormData causes DoS via deeply nested request data

Summary

Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, toFormData recursively walks nested objects with no depth limit, so a deeply nested value passed as request data crashes the Node.js process with a RangeError. This vulnerability is fixed in 1.15.1 and 0.31.1.

Severity

6.9 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

CWE

CWE-674 - Uncontrolled Recursion

Assigner

GitHub_M

References

1 reference

URL	Tags
https://github.com/axios/axios/security/advisorie…	x_refsource_CONFIRM

Impacted products

1 product

Vendor	Product	Version
axios	axios	Affected: >= 1.0.0, < 1.15.1 Affected: < 0.31.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-42039",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-24T18:14:11.509943Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-24T18:14:37.802Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "axios",
          "vendor": "axios",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.0.0, \u003c 1.15.1"
            },
            {
              "status": "affected",
              "version": "\u003c 0.31.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, toFormData recursively walks nested objects with no depth limit, so a deeply nested value passed as request data crashes the Node.js process with a RangeError. This vulnerability is fixed in 1.15.1 and 0.31.1."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-674",
              "description": "CWE-674: Uncontrolled Recursion",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-24T18:01:30.775Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9"
        }
      ],
      "source": {
        "advisory": "GHSA-62hf-57xw-28j9",
        "discovery": "UNKNOWN"
      },
      "title": "Axios: unbounded recursion in toFormData causes DoS via deeply nested request data"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-42039",
    "datePublished": "2026-04-24T18:01:30.775Z",
    "dateReserved": "2026-04-23T16:05:01.709Z",
    "dateUpdated": "2026-04-24T18:14:37.802Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-42041 (GCVE-0-2026-42041)

Vulnerability from cvelistv5 – Published: 2026-04-24 17:55 – Updated: 2026-04-24 18:32

Title

Axios: Authentication Bypass via Prototype Pollution Gadget in `validateStatus` Merge Strategy

Summary

Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the Axios library is vulnerable to a Prototype Pollution "Gadget" attack that allows any Object.prototype pollution to silently suppress all HTTP error responses (401, 403, 500, etc.), causing them to be treated as successful responses. This completely bypasses application-level authentication and error handling. The root cause is that validateStatus is the only config property using the mergeDirectKeys merge strategy, which uses JavaScript's in operator — an operator that inherently traverses the prototype chain. When Object.prototype.validateStatus is polluted with () => true, all HTTP status codes are accepted as success. This vulnerability is fixed in 1.15.1 and 0.31.1.

Severity

4.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE

CWE-287 - Improper Authentication
CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Assigner

GitHub_M

References

1 reference

URL	Tags
https://github.com/axios/axios/security/advisorie…	x_refsource_CONFIRM

Impacted products

1 product

Vendor	Product	Version
axios	axios	Affected: >= 1.0.0, < 1.15.1 Affected: < 0.31.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-42041",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-24T18:29:47.107016Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-24T18:32:58.115Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "axios",
          "vendor": "axios",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.0.0, \u003c 1.15.1"
            },
            {
              "status": "affected",
              "version": "\u003c 0.31.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the Axios library is vulnerable to a Prototype Pollution \"Gadget\" attack that allows any Object.prototype pollution to silently suppress all HTTP error responses (401, 403, 500, etc.), causing them to be treated as successful responses. This completely bypasses application-level authentication and error handling. The root cause is that validateStatus is the only config property using the mergeDirectKeys merge strategy, which uses JavaScript\u0027s in operator \u2014 an operator that inherently traverses the prototype chain. When Object.prototype.validateStatus is polluted with () =\u003e true, all HTTP status codes are accepted as success. This vulnerability is fixed in 1.15.1 and 0.31.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-287",
              "description": "CWE-287: Improper Authentication",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-1321",
              "description": "CWE-1321: Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-24T17:55:30.036Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63"
        }
      ],
      "source": {
        "advisory": "GHSA-w9j2-pvgh-6h63",
        "discovery": "UNKNOWN"
      },
      "title": "Axios: Authentication Bypass via Prototype Pollution Gadget in `validateStatus` Merge Strategy"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-42041",
    "datePublished": "2026-04-24T17:55:30.036Z",
    "dateReserved": "2026-04-23T16:05:01.709Z",
    "dateUpdated": "2026-04-24T18:32:58.115Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-42043 (GCVE-0-2026-42043)

Vulnerability from cvelistv5 – Published: 2026-04-24 17:54 – Updated: 2026-04-27 13:47

Title

Axios: Incomplete Fix for CVE-2025-62718 — NO_PROXY Protection Bypassed via RFC 1122 Loopback Subnet (127.0.0.0/8) in Axios 1.15.0

Summary

Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, an attacker who can influence the target URL of an Axios request can use any address in the 127.0.0.0/8 range (other than 127.0.0.1) to completely bypass the NO_PROXY protection. This vulnerability is due to an incomplete for CVE-2025-62718, This vulnerability is fixed in 1.15.1 and 0.31.1.

Severity

7.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

CWE

CWE-183 - Permissive List of Allowed Inputs
CWE-441 - Unintended Proxy or Intermediary ('Confused Deputy')
CWE-918 - Server-Side Request Forgery (SSRF)

Assigner

GitHub_M

References

1 reference

URL	Tags
https://github.com/axios/axios/security/advisorie…	x_refsource_CONFIRM

Impacted products

1 product

Vendor	Product	Version
axios	axios	Affected: >= 1.0.0, < 1.15.1 Affected: < 0.31.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-42043",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-27T13:47:20.443878Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-27T13:47:24.724Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "axios",
          "vendor": "axios",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.0.0, \u003c 1.15.1"
            },
            {
              "status": "affected",
              "version": "\u003c 0.31.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, an attacker who can influence the target URL of an Axios request can use any address in the 127.0.0.0/8 range (other than 127.0.0.1) to completely bypass the NO_PROXY protection. This vulnerability is due to an incomplete for CVE-2025-62718, This vulnerability is fixed in 1.15.1 and 0.31.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-183",
              "description": "CWE-183: Permissive List of Allowed Inputs",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-441",
              "description": "CWE-441: Unintended Proxy or Intermediary (\u0027Confused Deputy\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-918",
              "description": "CWE-918: Server-Side Request Forgery (SSRF)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-24T17:54:42.668Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7"
        }
      ],
      "source": {
        "advisory": "GHSA-pmwg-cvhr-8vh7",
        "discovery": "UNKNOWN"
      },
      "title": "Axios: Incomplete Fix for CVE-2025-62718 \u2014 NO_PROXY  Protection Bypassed via RFC 1122 Loopback Subnet (127.0.0.0/8)  in Axios 1.15.0"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-42043",
    "datePublished": "2026-04-24T17:54:42.668Z",
    "dateReserved": "2026-04-23T16:05:01.709Z",
    "dateUpdated": "2026-04-27T13:47:24.724Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-42044 (GCVE-0-2026-42044)

Vulnerability from cvelistv5 – Published: 2026-04-24 17:49 – Updated: 2026-04-24 18:12

Title

Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget in `parseReviver`

Summary

Axios is a promise based HTTP client for the browser and Node.js. From 1.0.0 to before 1.15.2, he Axios library is vulnerable to a Prototype Pollution "Gadget" attack that allows any Object.prototype pollution in the application's dependency tree to be escalated into surgical, invisible modification of all JSON API responses — including privilege escalation, balance manipulation, and authorization bypass. The default transformResponse function at lib/defaults/index.js:124 calls JSON.parse(data, this.parseReviver), where this is the merged config object. Because parseReviver is not present in Axios defaults, not validated by assertOptions, and not subject to any constraints, a polluted Object.prototype.parseReviver function is called for every key-value pair in every JSON response, allowing the attacker to selectively modify individual values while leaving the rest of the response intact. This vulnerability is fixed in 1.15.2.

Severity

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

CWE

CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes
CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Assigner

GitHub_M

References

1 reference

URL	Tags
https://github.com/axios/axios/security/advisorie…	x_refsource_CONFIRM

Impacted products

1 product

Vendor	Product	Version
axios	axios	Affected: >= 1.0.0, < 1.15.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-42044",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-24T18:11:49.647774Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-24T18:12:13.920Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "axios",
          "vendor": "axios",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.0.0, \u003c 1.15.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Axios is a promise based HTTP client for the browser and Node.js. From 1.0.0 to before 1.15.2, he Axios library is vulnerable to a Prototype Pollution \"Gadget\" attack that allows any Object.prototype pollution in the application\u0027s dependency tree to be escalated into surgical, invisible modification of all JSON API responses \u2014 including privilege escalation, balance manipulation, and authorization bypass. The default transformResponse function at lib/defaults/index.js:124 calls JSON.parse(data, this.parseReviver), where this is the merged config object. Because parseReviver is not present in Axios defaults, not validated by assertOptions, and not subject to any constraints, a polluted Object.prototype.parseReviver function is called for every key-value pair in every JSON response, allowing the attacker to selectively modify individual values while leaving the rest of the response intact. This vulnerability is fixed in 1.15.2."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-915",
              "description": "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-1321",
              "description": "CWE-1321: Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-24T17:50:26.586Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23"
        }
      ],
      "source": {
        "advisory": "GHSA-3w6x-2g7m-8v23",
        "discovery": "UNKNOWN"
      },
      "title": "Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget in `parseReviver`"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-42044",
    "datePublished": "2026-04-24T17:49:49.517Z",
    "dateReserved": "2026-04-23T16:05:01.709Z",
    "dateUpdated": "2026-04-24T18:12:13.920Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

RHSA-2026:20938

CVE-2025-62718 (GCVE-0-2025-62718)

CVE-2026-32281 (GCVE-0-2026-32281)

CVE-2026-40175 (GCVE-0-2026-40175)

CVE-2026-40895 (GCVE-0-2026-40895)

CVE-2026-42033 (GCVE-0-2026-42033)

CVE-2026-42035 (GCVE-0-2026-42035)

CVE-2026-42039 (GCVE-0-2026-42039)

CVE-2026-42041 (GCVE-0-2026-42041)

CVE-2026-42043 (GCVE-0-2026-42043)

CVE-2026-42044 (GCVE-0-2026-42044)

Tags

Sightings

Nomenclature