RHSA-2026:3751

Vulnerability from csaf_redhat - Published: 2026-03-04 15:00 - Updated: 2026-03-04 15:14
Summary
Red Hat Security Advisory: Red Hat Developer Hub 1.9.0 release.

Notes

Topic
Red Hat Developer Hub 1.9.0 has been released.
Details
Red Hat Developer Hub (RHDH) is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single pane of glass, a centralized software catalog, self-service via golden path templates, and Tech Docs. RHDH is extensible by plugins.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
To clipboard 

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat Developer Hub 1.9.0 has been released.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Developer Hub (RHDH) is Red Hat\u0027s enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single pane of glass, a centralized software catalog, self-service via golden path templates, and Tech Docs. RHDH is extensible by plugins.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:3751",
        "url": "https://access.redhat.com/errata/RHSA-2026:3751"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2024-53382",
        "url": "https://access.redhat.com/security/cve/CVE-2024-53382"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-13033",
        "url": "https://access.redhat.com/security/cve/CVE-2025-13033"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/",
        "url": "https://access.redhat.com/security/updates/classification/"
      },
      {
        "category": "external",
        "summary": "https://catalog.redhat.com/search?gs\u0026searchType=containers\u0026q=rhdh",
        "url": "https://catalog.redhat.com/search?gs\u0026searchType=containers\u0026q=rhdh"
      },
      {
        "category": "external",
        "summary": "https://developers.redhat.com/rhdh/overview",
        "url": "https://developers.redhat.com/rhdh/overview"
      },
      {
        "category": "external",
        "summary": "https://docs.redhat.com/en/documentation/red_hat_developer_hub",
        "url": "https://docs.redhat.com/en/documentation/red_hat_developer_hub"
      },
      {
        "category": "external",
        "summary": "https://issues.redhat.com/browse/RHDHBUGS-2399",
        "url": "https://issues.redhat.com/browse/RHDHBUGS-2399"
      },
      {
        "category": "external",
        "summary": "https://issues.redhat.com/browse/RHDHPLAN-257",
        "url": "https://issues.redhat.com/browse/RHDHPLAN-257"
      },
      {
        "category": "external",
        "summary": "https://issues.redhat.com/browse/RHIDP-9819",
        "url": "https://issues.redhat.com/browse/RHIDP-9819"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_3751.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Developer Hub 1.9.0 release.",
    "tracking": {
      "current_release_date": "2026-03-04T15:14:14+00:00",
      "generator": {
        "date": "2026-03-04T15:14:14+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.7.2"
        }
      },
      "id": "RHSA-2026:3751",
      "initial_release_date": "2026-03-04T15:00:31+00:00",
      "revision_history": [
        {
          "date": "2026-03-04T15:00:31+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-03-04T15:00:38+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-03-04T15:14:14+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Developer Hub 1.9",
                "product": {
                  "name": "Red Hat Developer Hub 1.9",
                  "product_id": "Red Hat Developer Hub 1.9",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhdh:1.9::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Developer Hub"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:141aeba778033153ed7005785565c8f3a00f6353be7bb3fd9124d8ad9375d988_amd64",
                "product": {
                  "name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:141aeba778033153ed7005785565c8f3a00f6353be7bb3fd9124d8ad9375d988_amd64",
                  "product_id": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:141aeba778033153ed7005785565c8f3a00f6353be7bb3fd9124d8ad9375d988_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhdh-hub-rhel9@sha256%3A141aeba778033153ed7005785565c8f3a00f6353be7bb3fd9124d8ad9375d988?arch=amd64\u0026repository_url=registry.redhat.io/rhdh\u0026tag=1772573159"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:c963d74818ba253dc900389712e83ee14b0d1cf499a188e16de48db826685014_amd64",
                "product": {
                  "name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:c963d74818ba253dc900389712e83ee14b0d1cf499a188e16de48db826685014_amd64",
                  "product_id": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:c963d74818ba253dc900389712e83ee14b0d1cf499a188e16de48db826685014_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhdh-rhel9-operator@sha256%3Ac963d74818ba253dc900389712e83ee14b0d1cf499a188e16de48db826685014?arch=amd64\u0026repository_url=registry.redhat.io/rhdh\u0026tag=1772575881"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:be3276aa08b84a3e897b53d27d270285a6a36012ad4444b9ee3ee97a90ab9a1a_amd64",
                "product": {
                  "name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:be3276aa08b84a3e897b53d27d270285a6a36012ad4444b9ee3ee97a90ab9a1a_amd64",
                  "product_id": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:be3276aa08b84a3e897b53d27d270285a6a36012ad4444b9ee3ee97a90ab9a1a_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhdh-operator-bundle@sha256%3Abe3276aa08b84a3e897b53d27d270285a6a36012ad4444b9ee3ee97a90ab9a1a?arch=amd64\u0026repository_url=registry.redhat.io/rhdh\u0026tag=1772578053"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:141aeba778033153ed7005785565c8f3a00f6353be7bb3fd9124d8ad9375d988_amd64 as a component of Red Hat Developer Hub 1.9",
          "product_id": "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:141aeba778033153ed7005785565c8f3a00f6353be7bb3fd9124d8ad9375d988_amd64"
        },
        "product_reference": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:141aeba778033153ed7005785565c8f3a00f6353be7bb3fd9124d8ad9375d988_amd64",
        "relates_to_product_reference": "Red Hat Developer Hub 1.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:be3276aa08b84a3e897b53d27d270285a6a36012ad4444b9ee3ee97a90ab9a1a_amd64 as a component of Red Hat Developer Hub 1.9",
          "product_id": "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:be3276aa08b84a3e897b53d27d270285a6a36012ad4444b9ee3ee97a90ab9a1a_amd64"
        },
        "product_reference": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:be3276aa08b84a3e897b53d27d270285a6a36012ad4444b9ee3ee97a90ab9a1a_amd64",
        "relates_to_product_reference": "Red Hat Developer Hub 1.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:c963d74818ba253dc900389712e83ee14b0d1cf499a188e16de48db826685014_amd64 as a component of Red Hat Developer Hub 1.9",
          "product_id": "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:c963d74818ba253dc900389712e83ee14b0d1cf499a188e16de48db826685014_amd64"
        },
        "product_reference": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:c963d74818ba253dc900389712e83ee14b0d1cf499a188e16de48db826685014_amd64",
        "relates_to_product_reference": "Red Hat Developer Hub 1.9"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-53382",
      "cwe": {
        "id": "CWE-94",
        "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
      },
      "discovery_date": "2025-03-03T07:00:37.175156+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:be3276aa08b84a3e897b53d27d270285a6a36012ad4444b9ee3ee97a90ab9a1a_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:c963d74818ba253dc900389712e83ee14b0d1cf499a188e16de48db826685014_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2349390"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the prism-autoloader plugin of the Prism library. The prism-autoloader plugin uses `document.currentScript` as the base URL for dynamically loading other dependencies and, in certain circumstances, can be vulnerable to a DOM Clobbering attack. This issue could lead to Cross-site scripting (XSS) attacks on web pages that embed Prism and allow users to inject scriptless HTML elements, such as an `img` tag with a controlled `name` attribute.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "prismjs: DOM Clobbering vulnerability within the Prism library\u0027s prism-autoloader plugin",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:141aeba778033153ed7005785565c8f3a00f6353be7bb3fd9124d8ad9375d988_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:be3276aa08b84a3e897b53d27d270285a6a36012ad4444b9ee3ee97a90ab9a1a_amd64",
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:c963d74818ba253dc900389712e83ee14b0d1cf499a188e16de48db826685014_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-53382"
        },
        {
          "category": "external",
          "summary": "RHBZ#2349390",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2349390"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-53382",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-53382"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-53382",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53382"
        },
        {
          "category": "external",
          "summary": "https://gist.github.com/jackfromeast/aeb128e44f05f95828a1a824708df660",
          "url": "https://gist.github.com/jackfromeast/aeb128e44f05f95828a1a824708df660"
        },
        {
          "category": "external",
          "summary": "https://github.com/PrismJS/prism/blob/59e5a3471377057de1f401ba38337aca27b80e03/prism.js#L226-L259",
          "url": "https://github.com/PrismJS/prism/blob/59e5a3471377057de1f401ba38337aca27b80e03/prism.js#L226-L259"
        }
      ],
      "release_date": "2025-03-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-03-04T15:00:31+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:141aeba778033153ed7005785565c8f3a00f6353be7bb3fd9124d8ad9375d988_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:3751"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:141aeba778033153ed7005785565c8f3a00f6353be7bb3fd9124d8ad9375d988_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:be3276aa08b84a3e897b53d27d270285a6a36012ad4444b9ee3ee97a90ab9a1a_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:c963d74818ba253dc900389712e83ee14b0d1cf499a188e16de48db826685014_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "prismjs: DOM Clobbering vulnerability within the Prism library\u0027s prism-autoloader plugin"
    },
    {
      "cve": "CVE-2025-13033",
      "cwe": {
        "id": "CWE-1286",
        "name": "Improper Validation of Syntactic Correctness of Input"
      },
      "discovery_date": "2025-10-07T15:03:14.483722+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:be3276aa08b84a3e897b53d27d270285a6a36012ad4444b9ee3ee97a90ab9a1a_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:c963d74818ba253dc900389712e83ee14b0d1cf499a188e16de48db826685014_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2402179"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was identified in the email parsing library due to improper handling of specially formatted recipient email addresses. An attacker can exploit this flaw by crafting a recipient address that embeds an external address within quotes. This causes the application to misdirect the email to the attacker\u0027s external address instead of the intended internal recipient. This could lead to a significant data leak of sensitive information and allow an attacker to bypass security filters and access controls.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "nodemailer: Nodemailer: Email to an unintended domain can occur due to Interpretation Conflict",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability allows an attacker to force nodemailer to send an email to an attacker-owned email address by leveraging the incorrect handling of quoted local-parts containing the \u0027@\u0027 character in the destination email address. When successfully exploited, this vulnerability may allow an attacker to exfiltrate data by misrouting emails to an unintended domain, presenting a high impact on data confidentiality.\n\nThis vulnerability has been assessed as having a Moderate impact on Red Hat Products by the Red Hat Product Security team. This happens because to an attacker successfully exploit this vulnerability, the malicious actor needs to have direct control over the destination email input.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:141aeba778033153ed7005785565c8f3a00f6353be7bb3fd9124d8ad9375d988_amd64"
        ],
        "known_not_affected": [
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:be3276aa08b84a3e897b53d27d270285a6a36012ad4444b9ee3ee97a90ab9a1a_amd64",
          "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:c963d74818ba253dc900389712e83ee14b0d1cf499a188e16de48db826685014_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-13033"
        },
        {
          "category": "external",
          "summary": "RHBZ#2402179",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402179"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-13033",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-13033"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-13033",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13033"
        },
        {
          "category": "external",
          "summary": "https://github.com/nodemailer/nodemailer",
          "url": "https://github.com/nodemailer/nodemailer"
        },
        {
          "category": "external",
          "summary": "https://github.com/nodemailer/nodemailer/commit/1150d99fba77280df2cfb1885c43df23109a8626",
          "url": "https://github.com/nodemailer/nodemailer/commit/1150d99fba77280df2cfb1885c43df23109a8626"
        },
        {
          "category": "external",
          "summary": "https://github.com/nodemailer/nodemailer/security/advisories/GHSA-mm7p-fcc7-pg87",
          "url": "https://github.com/nodemailer/nodemailer/security/advisories/GHSA-mm7p-fcc7-pg87"
        }
      ],
      "release_date": "2025-10-07T13:42:02+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-03-04T15:00:31+00:00",
          "details": "For more about Red Hat Developer Hub, see References links",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:141aeba778033153ed7005785565c8f3a00f6353be7bb3fd9124d8ad9375d988_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:3751"
        },
        {
          "category": "workaround",
          "details": "Currently there\u0027s no available mitigation for this flaw.",
          "product_ids": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:141aeba778033153ed7005785565c8f3a00f6353be7bb3fd9124d8ad9375d988_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:be3276aa08b84a3e897b53d27d270285a6a36012ad4444b9ee3ee97a90ab9a1a_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:c963d74818ba253dc900389712e83ee14b0d1cf499a188e16de48db826685014_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:141aeba778033153ed7005785565c8f3a00f6353be7bb3fd9124d8ad9375d988_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:be3276aa08b84a3e897b53d27d270285a6a36012ad4444b9ee3ee97a90ab9a1a_amd64",
            "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:c963d74818ba253dc900389712e83ee14b0d1cf499a188e16de48db826685014_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "nodemailer: Nodemailer: Email to an unintended domain can occur due to Interpretation Conflict"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.