RHSA-2026:33683

Vulnerability from csaf_redhat - Published: 2026-06-30 18:09 - Updated: 2026-07-02 14:12
Summary
Red Hat Security Advisory: Red Hat Quay 3.10.23
Severity
Important
Notes
Topic: Red Hat Quay 3.10.23 is now available with bug fixes.
Details: Quay 3.10.23
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

A flaw was found in fast-uri. A remote attacker could exploit this vulnerability by crafting a malicious Uniform Resource Identifier (URI) that contains percent-encoded authority delimiters. The fast-uri library incorrectly decodes these delimiters during normalization and then re-emits them as raw separators, which can change the URI's intended authority. This issue allows applications that perform host allowlist checks, redirect validation, or outbound request routing to be steered to a different authority than specified, potentially bypassing security controls.

CWE-140 - Improper Neutralization of Delimiters
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64
Vendor Fix fix
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le
Vendor Fix fix
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x
Vendor Fix fix
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x
Threats
Impact Important

A flaw was found in the shell-quote component. The quote() function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpret as a command separator. This could lead to command injection, enabling the attacker to execute arbitrary code on the system.

CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64
Vendor Fix fix
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le
Vendor Fix fix
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x
Vendor Fix fix
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x
Threats
Impact Important

A flaw was found in kafka-python. A malicious or machine-in-the-middle broker could exploit a denial-of-service vulnerability during SCRAM authentication. By providing an excessively large iteration count, the broker can cause the client's event loop to freeze. This prevents critical operations such as sending messages, polling for new messages, and maintaining heartbeats, ultimately leading to consumer group eviction and persistent connection failures.

CWE-606 - Unchecked Input for Loop Condition
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x
Vendor Fix fix
Workaround
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x
Workaround
Threats
Impact Important

A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response, even if only a partial read was requested, or when draining the connection after a partial decompression. This can lead to a Denial of Service (DoS) condition.

CWE-409 - Improper Handling of Highly Compressed Data (Data Amplification)
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64
Vendor Fix fix
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le
Vendor Fix fix
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x
Vendor Fix fix
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x
Threats
Impact Important

A flaw was found in Axios. A remote attacker, by influencing the XSRF cookie name in a browser environment, could cause the application to construct a regular expression that leads to excessive processing. This can result in a client-side Denial of Service (DoS), where the affected browser tab may freeze, impacting the availability of the application for the user.

CWE-1333 - Inefficient Regular Expression Complexity
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le
Vendor Fix fix
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x
Vendor Fix fix
Workaround
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64
Workaround
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x
Workaround
Threats
Impact Important

A flaw was found in PyJWT, a Python library for JSON Web Token (JWT) implementation. When decoding JWTs, the library fails to validate the use of JSON Web Keys (JWK) in the HMAC algorithm while also supporting asymmetric algorithms. This allows a remote attacker to use the issuer's public key as the secret key for the HMAC algorithm, leading to the ability to forge JWTs. This vulnerability can result in authentication bypass or unauthorized access.

CWE-347 - Improper Verification of Cryptographic Signature
Affected products
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64
Vendor Fix fix
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le
Vendor Fix fix
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x
Vendor Fix fix
Product Identifier Version Remediation
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64
Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x
Threats
Impact Important
References
URL Category
https://access.redhat.com/errata/RHSA-2026:33683 self
https://access.redhat.com/security/cve/CVE-2026-10143 external
https://access.redhat.com/security/cve/CVE-2026-44432 external
https://access.redhat.com/security/cve/CVE-2026-44496 external
https://access.redhat.com/security/cve/CVE-2026-48526 external
https://access.redhat.com/security/cve/CVE-2026-6322 external
https://access.redhat.com/security/cve/CVE-2026-9277 external
https://access.redhat.com/security/updates/classi… external
https://security.access.redhat.com/data/csaf/v2/a… self
https://access.redhat.com/security/cve/CVE-2026-6322 self
https://bugzilla.redhat.com/show_bug.cgi?id=2466684 external
https://www.cve.org/CVERecord?id=CVE-2026-6322 external
https://nvd.nist.gov/vuln/detail/CVE-2026-6322 external
https://cna.openjsf.org/security-advisories.html external
https://github.com/fastify/fast-uri/security/advi… external
https://access.redhat.com/security/cve/CVE-2026-9277 self
https://bugzilla.redhat.com/show_bug.cgi?id=2480741 external
https://www.cve.org/CVERecord?id=CVE-2026-9277 external
https://nvd.nist.gov/vuln/detail/CVE-2026-9277 external
https://github.com/ljharb/shell-quote external
https://github.com/ljharb/shell-quote/commit/1518179 external
https://github.com/ljharb/shell-quote/security/ad… external
https://www.npmjs.com/package/shell-quote external
https://access.redhat.com/security/cve/CVE-2026-10143 self
https://bugzilla.redhat.com/show_bug.cgi?id=2487722 external
https://www.cve.org/CVERecord?id=CVE-2026-10143 external
https://nvd.nist.gov/vuln/detail/CVE-2026-10143 external
https://github.com/dpkp/kafka-python/commit/6e483… external
https://github.com/dpkp/kafka-python/pull/3019 external
https://github.com/dpkp/kafka-python/pull/3026 external
https://www.vulncheck.com/advisories/kafka-python… external
https://access.redhat.com/security/cve/CVE-2026-44432 self
https://bugzilla.redhat.com/show_bug.cgi?id=2477154 external
https://www.cve.org/CVERecord?id=CVE-2026-44432 external
https://nvd.nist.gov/vuln/detail/CVE-2026-44432 external
https://github.com/urllib3/urllib3/security/advis… external
https://access.redhat.com/security/cve/CVE-2026-44496 self
https://bugzilla.redhat.com/show_bug.cgi?id=2487943 external
https://www.cve.org/CVERecord?id=CVE-2026-44496 external
https://nvd.nist.gov/vuln/detail/CVE-2026-44496 external
https://github.com/axios/axios/security/advisorie… external
https://access.redhat.com/security/cve/CVE-2026-48526 self
https://bugzilla.redhat.com/show_bug.cgi?id=2482734 external
https://www.cve.org/CVERecord?id=CVE-2026-48526 external
https://nvd.nist.gov/vuln/detail/CVE-2026-48526 external
https://github.com/jpadilla/pyjwt/security/adviso… external

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat Quay 3.10.23 is now available with bug fixes.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Quay 3.10.23",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:33683",
        "url": "https://access.redhat.com/errata/RHSA-2026:33683"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-10143",
        "url": "https://access.redhat.com/security/cve/CVE-2026-10143"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-44432",
        "url": "https://access.redhat.com/security/cve/CVE-2026-44432"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-44496",
        "url": "https://access.redhat.com/security/cve/CVE-2026-44496"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-48526",
        "url": "https://access.redhat.com/security/cve/CVE-2026-48526"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-6322",
        "url": "https://access.redhat.com/security/cve/CVE-2026-6322"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2026-9277",
        "url": "https://access.redhat.com/security/cve/CVE-2026-9277"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/",
        "url": "https://access.redhat.com/security/updates/classification/"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_33683.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Quay 3.10.23",
    "tracking": {
      "current_release_date": "2026-07-02T14:12:44+00:00",
      "generator": {
        "date": "2026-07-02T14:12:44+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "5.3.1"
        }
      },
      "id": "RHSA-2026:33683",
      "initial_release_date": "2026-06-30T18:09:16+00:00",
      "revision_history": [
        {
          "date": "2026-06-30T18:09:16+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-06-30T18:09:26+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-07-02T14:12:44+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Quay 3.10",
                "product": {
                  "name": "Red Hat Quay 3.10",
                  "product_id": "Red Hat Quay 3.10",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:quay:3.10::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Quay"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3A5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-bundle\u0026tag=1782334437"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Ab3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-rhel8\u0026tag=1782332130"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3Ac8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-bundle\u0026tag=1782333017"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Aa040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-rhel8\u0026tag=1782331379"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
                  "product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3Ada8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8\u0026tag=1782332508"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
                  "product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-rhel8@sha256%3Ad353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-builder-rhel8\u0026tag=1781620407"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
                  "product_id": "registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/clair-rhel8@sha256%3Ae51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef?arch=amd64\u0026repository_url=registry.redhat.io/quay/clair-rhel8\u0026tag=1782331561"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
                  "product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-bundle@sha256%3A009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-operator-bundle\u0026tag=1782492284"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
                  "product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-rhel8@sha256%3Aafa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-operator-rhel8\u0026tag=1782331416"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
                "product": {
                  "name": "registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
                  "product_id": "registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-rhel8@sha256%3A4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-rhel8\u0026tag=1782487717"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-rhel8\u0026tag=1782332130"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-rhel8\u0026tag=1782331379"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-rhel8@sha256%3A3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-builder-rhel8\u0026tag=1781620407"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
                  "product_id": "registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/clair-rhel8@sha256%3A25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/clair-rhel8\u0026tag=1782331561"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-rhel8@sha256%3A1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-operator-rhel8\u0026tag=1782331416"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
                "product": {
                  "name": "registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
                  "product_id": "registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-rhel8@sha256%3Aa5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-rhel8\u0026tag=1782487717"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
                  "product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-rhel8\u0026tag=1782332130"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
                  "product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-rhel8\u0026tag=1782331379"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
                  "product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-builder-rhel8@sha256%3A65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-builder-rhel8\u0026tag=1781620407"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
                  "product_id": "registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/clair-rhel8@sha256%3A9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1?arch=s390x\u0026repository_url=registry.redhat.io/quay/clair-rhel8\u0026tag=1782331561"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x",
                  "product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-operator-rhel8@sha256%3Af486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-operator-rhel8\u0026tag=1782331416"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x",
                "product": {
                  "name": "registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x",
                  "product_id": "registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/quay-rhel8@sha256%3Ac7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-rhel8\u0026tag=1782487717"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le as a component of Red Hat Quay 3.10",
          "product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x as a component of Red Hat Quay 3.10",
          "product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x"
        },
        "product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64 as a component of Red Hat Quay 3.10",
          "product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64"
        },
        "product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64 as a component of Red Hat Quay 3.10",
          "product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le as a component of Red Hat Quay 3.10",
          "product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x as a component of Red Hat Quay 3.10",
          "product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64 as a component of Red Hat Quay 3.10",
          "product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64 as a component of Red Hat Quay 3.10",
          "product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le as a component of Red Hat Quay 3.10",
          "product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x as a component of Red Hat Quay 3.10",
          "product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64 as a component of Red Hat Quay 3.10",
          "product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64 as a component of Red Hat Quay 3.10",
          "product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x as a component of Red Hat Quay 3.10",
          "product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le as a component of Red Hat Quay 3.10",
          "product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64 as a component of Red Hat Quay 3.10",
          "product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64 as a component of Red Hat Quay 3.10",
          "product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le as a component of Red Hat Quay 3.10",
          "product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64 as a component of Red Hat Quay 3.10",
          "product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x as a component of Red Hat Quay 3.10",
          "product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64 as a component of Red Hat Quay 3.10",
          "product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64"
        },
        "product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
        "relates_to_product_reference": "Red Hat Quay 3.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le as a component of Red Hat Quay 3.10",
          "product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le"
        },
        "product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
        "relates_to_product_reference": "Red Hat Quay 3.10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x as a component of Red Hat Quay 3.10",
          "product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
        },
        "product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x",
        "relates_to_product_reference": "Red Hat Quay 3.10"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-6322",
      "cwe": {
        "id": "CWE-140",
        "name": "Improper Neutralization of Delimiters"
      },
      "discovery_date": "2026-05-05T11:01:00.332189+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2466684"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in fast-uri. A remote attacker could exploit this vulnerability by crafting a malicious Uniform Resource Identifier (URI) that contains percent-encoded authority delimiters. The fast-uri library incorrectly decodes these delimiters during normalization and then re-emits them as raw separators, which can change the URI\u0027s intended authority. This issue allows applications that perform host allowlist checks, redirect validation, or outbound request routing to be steered to a different authority than specified, potentially bypassing security controls.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "fast-uri: fast-uri: URI authority bypass due to improper delimiter handling",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
          "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-6322"
        },
        {
          "category": "external",
          "summary": "RHBZ#2466684",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466684"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-6322",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-6322"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-6322",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6322"
        },
        {
          "category": "external",
          "summary": "https://cna.openjsf.org/security-advisories.html",
          "url": "https://cna.openjsf.org/security-advisories.html"
        },
        {
          "category": "external",
          "summary": "https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc",
          "url": "https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc"
        }
      ],
      "release_date": "2026-05-05T10:29:16.378000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-30T18:09:16+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:33683"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "fast-uri: fast-uri: URI authority bypass due to improper delimiter handling"
    },
    {
      "cve": "CVE-2026-9277",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "discovery_date": "2026-05-22T14:01:14.427751+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2480741"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the shell-quote component. The quote() function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpret as a command separator. This could lead to command injection, enabling the attacker to execute arbitrary code on the system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
          "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-9277"
        },
        {
          "category": "external",
          "summary": "RHBZ#2480741",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480741"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-9277",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-9277"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9277",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9277"
        },
        {
          "category": "external",
          "summary": "https://github.com/ljharb/shell-quote",
          "url": "https://github.com/ljharb/shell-quote"
        },
        {
          "category": "external",
          "summary": "https://github.com/ljharb/shell-quote/commit/1518179",
          "url": "https://github.com/ljharb/shell-quote/commit/1518179"
        },
        {
          "category": "external",
          "summary": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p",
          "url": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p"
        },
        {
          "category": "external",
          "summary": "https://www.npmjs.com/package/shell-quote",
          "url": "https://www.npmjs.com/package/shell-quote"
        }
      ],
      "release_date": "2026-05-22T13:22:38.873000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-30T18:09:16+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:33683"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators"
    },
    {
      "cve": "CVE-2026-10143",
      "cwe": {
        "id": "CWE-606",
        "name": "Unchecked Input for Loop Condition"
      },
      "discovery_date": "2026-06-10T21:02:14.712750+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2487722"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in kafka-python. A malicious or machine-in-the-middle broker could exploit a denial-of-service vulnerability during SCRAM authentication. By providing an excessively large iteration count, the broker can cause the client\u0027s event loop to freeze. This prevents critical operations such as sending messages, polling for new messages, and maintaining heartbeats, ultimately leading to consumer group eviction and persistent connection failures.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kafka-python: kafka-python: Denial of Service via excessive SCRAM authentication iteration count",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
          "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-10143"
        },
        {
          "category": "external",
          "summary": "RHBZ#2487722",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487722"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-10143",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-10143"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-10143",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-10143"
        },
        {
          "category": "external",
          "summary": "https://github.com/dpkp/kafka-python/commit/6e4831444f972d169cdd11f5c8d50333cea3f19b",
          "url": "https://github.com/dpkp/kafka-python/commit/6e4831444f972d169cdd11f5c8d50333cea3f19b"
        },
        {
          "category": "external",
          "summary": "https://github.com/dpkp/kafka-python/pull/3019",
          "url": "https://github.com/dpkp/kafka-python/pull/3019"
        },
        {
          "category": "external",
          "summary": "https://github.com/dpkp/kafka-python/pull/3026",
          "url": "https://github.com/dpkp/kafka-python/pull/3026"
        },
        {
          "category": "external",
          "summary": "https://www.vulncheck.com/advisories/kafka-python-prior-to-dos-via-scram-iteration-count-in-scram-py",
          "url": "https://www.vulncheck.com/advisories/kafka-python-prior-to-dos-via-scram-iteration-count-in-scram-py"
        }
      ],
      "release_date": "2026-06-10T20:22:39.262000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-30T18:09:16+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:33683"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kafka-python: kafka-python: Denial of Service via excessive SCRAM authentication iteration count"
    },
    {
      "cve": "CVE-2026-44432",
      "cwe": {
        "id": "CWE-409",
        "name": "Improper Handling of Highly Compressed Data (Data Amplification)"
      },
      "discovery_date": "2026-05-13T17:01:01.083841+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2477154"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response, even if only a partial read was requested, or when draining the connection after a partial decompression. This can lead to a Denial of Service (DoS) condition.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "urllib3: urllib3: Denial of Service due to excessive HTTP response decompression",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
          "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-44432"
        },
        {
          "category": "external",
          "summary": "RHBZ#2477154",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477154"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-44432",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-44432"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44432",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44432"
        },
        {
          "category": "external",
          "summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j",
          "url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j"
        }
      ],
      "release_date": "2026-05-13T15:17:12.611000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-30T18:09:16+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:33683"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "urllib3: urllib3: Denial of Service due to excessive HTTP response decompression"
    },
    {
      "cve": "CVE-2026-44496",
      "cwe": {
        "id": "CWE-1333",
        "name": "Inefficient Regular Expression Complexity"
      },
      "discovery_date": "2026-06-11T17:01:15.856386+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2487943"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Axios. A remote attacker, by influencing the XSRF cookie name in a browser environment, could cause the application to construct a regular expression that leads to excessive processing. This can result in a client-side Denial of Service (DoS), where the affected browser tab may freeze, impacting the availability of the application for the user.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "axios: Axios: Client-side Denial of Service via unescaped regex metacharacters in XSRF cookie name",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
          "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-44496"
        },
        {
          "category": "external",
          "summary": "RHBZ#2487943",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487943"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-44496",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-44496"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44496",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44496"
        },
        {
          "category": "external",
          "summary": "https://github.com/axios/axios/security/advisories/GHSA-hfxv-24rg-xrqf",
          "url": "https://github.com/axios/axios/security/advisories/GHSA-hfxv-24rg-xrqf"
        }
      ],
      "release_date": "2026-06-11T15:34:28.492000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-30T18:09:16+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:33683"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "axios: Axios: Client-side Denial of Service via unescaped regex metacharacters in XSRF cookie name"
    },
    {
      "cve": "CVE-2026-48526",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "discovery_date": "2026-05-28T16:01:22.805235+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2482734"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in PyJWT, a Python library for JSON Web Token (JWT) implementation. When decoding JWTs, the library fails to validate the use of JSON Web Keys (JWK) in the HMAC algorithm while also supporting asymmetric algorithms. This allows a remote attacker to use the issuer\u0027s public key as the secret key for the HMAC algorithm, leading to the ability to forge JWTs. This vulnerability can result in authentication bypass or unauthorized access.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "python-pyjwt: PyJWT: Authentication bypass due to forged JSON Web Tokens",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
        ],
        "known_not_affected": [
          "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
          "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
          "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-48526"
        },
        {
          "category": "external",
          "summary": "RHBZ#2482734",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482734"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-48526",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-48526"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-48526",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48526"
        },
        {
          "category": "external",
          "summary": "https://github.com/jpadilla/pyjwt/security/advisories/GHSA-xgmm-8j9v-c9wx",
          "url": "https://github.com/jpadilla/pyjwt/security/advisories/GHSA-xgmm-8j9v-c9wx"
        }
      ],
      "release_date": "2026-05-28T15:09:09.258000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-30T18:09:16+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:33683"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:25c740738b3511ae6333ad8f32e6c2eac1d3d4fe2c9eeda241906f0a6a96f708_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9313307979bccd1f9bc732df389f1d6c49159ceb74ef9befbb7ae269afe9f9c1_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:e51e41b330d3cf44ef7b5eb1a511096cef98f82495297cd4438693ef2f9a24ef_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:c8a83d3757c774e0958472661f268783e17d7d0c7a7e4e19e1d380201c43e0d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:09933cf1e12617711f28f19798f355b3c064ab1219179b0692f591f5d1f86b2c_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1a36faf3a63c2f367a1524748d9c4a56fb3910c80af4ead41c6c8a73b5b8eab8_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:a040e83b9aa90c795751c3163533571c954639fbad350a25f258a3ef2d9669d4_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:da8f01cb4aafaed7f2313329ab905cfd274133fc0b850cda8955d15898245153_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:3bf79d70954794dc237f44bbbae4bcec5a5b16fedb3eda79f4f26d3be04c6775_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:65b406622bfd9fadf0d24431277957bafc553d9e7b331f8357c1c7ef8535f0c9_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d353d7214e8bef5f0ee1632da4e6f74bc89495115ab8ce245af5665fefbdb2ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:5040540e6ed9126958497b0b12d1d119eb06f445ca0edeb0f823880d5c936567_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:37510942aee22b6321acb0ef35464da20116b44809efd92a4666435d1a2bd732_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:89403ee27003086a0da369f2087718644bce09eb1571919ce809ea7d6b4e7eeb_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b3d595075321c1cebed49970a2b3746d59415ef08fa4d800a8db58ad716638d0_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:009f4d31d16d3f0a6f942efa8fa1aec77edc9b6f0aae38503b472c0e6bf6b615_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:1eb7d2e819dd5ca1c2062ce1812361d0fe8390cfeed9cc01a1500b8632bfd8c3_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:afa0b44ce77545a1fc105b9d0c8b5f1eef715e2f9491f0075bdad4385208f42c_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:f486398c18878a624d12a4d82bf6d72f72447ddbdc5a764a6908674a14efad22_s390x",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:4ac0ffd9db1d6579f0456752f2fca8b686ce1c62578187f4db7c402f0efb89ea_amd64",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:a5d427872efcf0c350f89cfae291c8ad808f68123eda0b5163496315f04e2779_ppc64le",
            "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:c7bf8d54e019c893484b055de7a2b6938152403cfa4b064054c537fb186998de_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "python-pyjwt: PyJWT: Authentication bypass due to forged JSON Web Tokens"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…