Action not permitted
Modal body text goes here.
Modal Title
Modal Body
WID-SEC-W-2026-0553
Vulnerability from csaf_certbund - Published: 2026-03-01 23:00 - Updated: 2026-05-14 22:00Summary
HCL BigFix: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: BigFix ist eine Lösung zum Erkennen und Verwalten von physischen und virtuellen Endpunkten.
Angriff: Ein Angreifer kann mehrere Schwachstellen in HCL BigFix ausnutzen, um Informationen offenzulegen, um beliebigen Programmcode auszuführen, um einen Denial of Service Angriff durchzuführen, und um Dateien zu manipulieren.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
HCL BigFix Service Management
HCL / BigFix
|
cpe:/a:hcltech:bigfix:service_management
|
Service Management | |
|
HCL BigFix WebUI
HCL / BigFix
|
cpe:/a:hcltech:bigfix:webui
|
WebUI | |
|
HCL BigFix Reports <1.0.2 Update 2
HCL / BigFix
|
Reports <1.0.2 Update 2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
HCL BigFix Service Management
HCL / BigFix
|
cpe:/a:hcltech:bigfix:service_management
|
Service Management | |
|
HCL BigFix WebUI
HCL / BigFix
|
cpe:/a:hcltech:bigfix:webui
|
WebUI | |
|
HCL BigFix Reports <1.0.2 Update 2
HCL / BigFix
|
Reports <1.0.2 Update 2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
HCL BigFix Service Management
HCL / BigFix
|
cpe:/a:hcltech:bigfix:service_management
|
Service Management | |
|
HCL BigFix WebUI
HCL / BigFix
|
cpe:/a:hcltech:bigfix:webui
|
WebUI | |
|
HCL BigFix Reports <1.0.2 Update 2
HCL / BigFix
|
Reports <1.0.2 Update 2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
HCL BigFix Service Management
HCL / BigFix
|
cpe:/a:hcltech:bigfix:service_management
|
Service Management | |
|
HCL BigFix WebUI
HCL / BigFix
|
cpe:/a:hcltech:bigfix:webui
|
WebUI | |
|
HCL BigFix Reports <1.0.2 Update 2
HCL / BigFix
|
Reports <1.0.2 Update 2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
HCL BigFix Service Management
HCL / BigFix
|
cpe:/a:hcltech:bigfix:service_management
|
Service Management | |
|
HCL BigFix WebUI
HCL / BigFix
|
cpe:/a:hcltech:bigfix:webui
|
WebUI | |
|
HCL BigFix Reports <1.0.2 Update 2
HCL / BigFix
|
Reports <1.0.2 Update 2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
HCL BigFix Service Management
HCL / BigFix
|
cpe:/a:hcltech:bigfix:service_management
|
Service Management | |
|
HCL BigFix WebUI
HCL / BigFix
|
cpe:/a:hcltech:bigfix:webui
|
WebUI | |
|
HCL BigFix Reports <1.0.2 Update 2
HCL / BigFix
|
Reports <1.0.2 Update 2 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
HCL BigFix Service Management
HCL / BigFix
|
cpe:/a:hcltech:bigfix:service_management
|
Service Management | |
|
HCL BigFix WebUI
HCL / BigFix
|
cpe:/a:hcltech:bigfix:webui
|
WebUI | |
|
HCL BigFix Reports <1.0.2 Update 2
HCL / BigFix
|
Reports <1.0.2 Update 2 |
References
6 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "BigFix ist eine L\u00f6sung zum Erkennen und Verwalten von physischen und virtuellen Endpunkten.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in HCL BigFix ausnutzen, um Informationen offenzulegen, um beliebigen Programmcode auszuf\u00fchren, um einen Denial of Service Angriff durchzuf\u00fchren, und um Dateien zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0553 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0553.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0553 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0553"
},
{
"category": "external",
"summary": "HCL Security Bulletin vom 2026-03-01",
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0129092"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:4466 vom 2026-03-12",
"url": "https://access.redhat.com/errata/RHSA-2026:4466"
},
{
"category": "external",
"summary": "HCL Security Bulletin",
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0130587"
},
{
"category": "external",
"summary": "HCL Security Bulletin vom 2026-05-14",
"url": "https://support.hcl-software.com/community?id=community_blog\u0026sys_id=6976946e2bfccf900c64f1a1d891bf9a"
}
],
"source_lang": "en-US",
"title": "HCL BigFix: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-05-14T22:00:00.000+00:00",
"generator": {
"date": "2026-05-15T08:33:35.845+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0553",
"initial_release_date": "2026-03-01T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-03-01T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-03-11T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-05-10T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von HCL aufgenommen"
},
{
"date": "2026-05-14T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates aufgenommen"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "WebUI",
"product": {
"name": "HCL BigFix WebUI",
"product_id": "T036098",
"product_identification_helper": {
"cpe": "cpe:/a:hcltech:bigfix:webui"
}
}
},
{
"category": "product_version",
"name": "Service Management",
"product": {
"name": "HCL BigFix Service Management",
"product_id": "T046595",
"product_identification_helper": {
"cpe": "cpe:/a:hcltech:bigfix:service_management"
}
}
},
{
"category": "product_version_range",
"name": "Reports \u003c1.0.\u200b2 Update 2",
"product": {
"name": "HCL BigFix Reports \u003c1.0.\u200b2 Update 2",
"product_id": "T051321"
}
},
{
"category": "product_version",
"name": "Reports 1.0.\u200b2 Update 2",
"product": {
"name": "HCL BigFix Reports 1.0.\u200b2 Update 2",
"product_id": "T051321-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:hcltech:bigfix:reports__1.0.2_update_2"
}
}
}
],
"category": "product_name",
"name": "BigFix"
}
],
"category": "vendor",
"name": "HCL"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68428",
"product_status": {
"known_affected": [
"67646",
"T046595",
"T036098",
"T051321"
]
},
"release_date": "2026-03-01T23:00:00.000+00:00",
"title": "CVE-2025-68428"
},
{
"cve": "CVE-2026-22029",
"product_status": {
"known_affected": [
"67646",
"T046595",
"T036098",
"T051321"
]
},
"release_date": "2026-03-01T23:00:00.000+00:00",
"title": "CVE-2026-22029"
},
{
"cve": "CVE-2026-24040",
"product_status": {
"known_affected": [
"67646",
"T046595",
"T036098",
"T051321"
]
},
"release_date": "2026-03-01T23:00:00.000+00:00",
"title": "CVE-2026-24040"
},
{
"cve": "CVE-2026-24043",
"product_status": {
"known_affected": [
"67646",
"T046595",
"T036098",
"T051321"
]
},
"release_date": "2026-03-01T23:00:00.000+00:00",
"title": "CVE-2026-24043"
},
{
"cve": "CVE-2026-24133",
"product_status": {
"known_affected": [
"67646",
"T046595",
"T036098",
"T051321"
]
},
"release_date": "2026-03-01T23:00:00.000+00:00",
"title": "CVE-2026-24133"
},
{
"cve": "CVE-2026-24737",
"product_status": {
"known_affected": [
"67646",
"T046595",
"T036098",
"T051321"
]
},
"release_date": "2026-03-01T23:00:00.000+00:00",
"title": "CVE-2026-24737"
},
{
"cve": "CVE-2026-25639",
"product_status": {
"known_affected": [
"67646",
"T046595",
"T036098",
"T051321"
]
},
"release_date": "2026-03-01T23:00:00.000+00:00",
"title": "CVE-2026-25639"
}
]
}
CVE-2025-68428 (GCVE-0-2025-68428)
Vulnerability from cvelistv5 – Published: 2026-01-05 21:43 – Updated: 2026-07-15 01:25
VLAI
EPSS
VEX
Title
jsPDF has Local File Inclusion/Path Traversal vulnerability
Summary
jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.0.0, user control of the first argument of the loadFile method in the node.js build allows local file inclusion/path traversal. If given the possibility to pass unsanitized paths to the loadFile method, a user can retrieve file contents of arbitrary files in the local file system the node process is running in. The file contents are included verbatim in the generated PDFs. Other affected methods are `addImage`, `html`, and `addFont`. Only the node.js builds of the library are affected, namely the `dist/jspdf.node.js` and `dist/jspdf.node.min.js` files. The vulnerability has been fixed in jsPDF@4.0.0. This version restricts file system access per default. This semver-major update does not introduce other breaking changes. Some workarounds areavailable. With recent node versions, jsPDF recommends using the `--permission` flag in production. The feature was introduced experimentally in v20.0.0 and is stable since v22.13.0/v23.5.0/v24.0.0. For older node versions, sanitize user-provided paths before passing them to jsPDF.
Severity
8.6 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://github.com/parallax/jsPDF/security/adviso… | x_refsource_CONFIRM |
| https://github.com/parallax/jsPDF/commit/a688c8f4… | x_refsource_MISC |
| https://github.com/parallax/jsPDF/releases/tag/v4.0.0 | x_refsource_MISC |
| https://access.redhat.com/security/cve/CVE-2025-68428 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2427236 | issue-trackingx_refsource_REDHAT |
| https://security.access.redhat.com/data/csaf/v2/v… | x_sadp-csaf-vex |
| https://access.redhat.com/errata/RHSA-2026:1517 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:2350 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:2568 | vendor-advisoryx_refsource_REDHAT |
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| parallax | jsPDF |
Affected:
< 4.0.0
|
|
| Red Hat | Red Hat Advanced Cluster Security for Kubernetes 4.8 |
Unaffected:
1769615659 , < *
(rpm)
cpe:/a:redhat:advanced_cluster_security:4.8::el8 |
|
| Red Hat | Red Hat Advanced Cluster Security for Kubernetes 4.9 |
Unaffected:
1770074713 , < *
(rpm)
Unaffected: 1770250889 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.9::el8 |
|
| Red Hat | Red Hat Advanced Cluster Security 4 |
cpe:/a:redhat:advanced_cluster_security:4 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68428",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-06T15:35:22.371810Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-06T17:38:46.470Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.8::el8"
],
"defaultStatus": "affected",
"packageName": "advanced-cluster-security/rhacs-main-rhel8",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1769615659",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.9::el8"
],
"defaultStatus": "affected",
"packageName": "advanced-cluster-security/rhacs-main-rhel8",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1770074713",
"versionType": "rpm"
},
{
"lessThan": "*",
"status": "unaffected",
"version": "1770250889",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-rhel8-operator",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-roxctl-rhel8",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-scanner-v4-rhel8",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
}
],
"datePublic": "2026-01-05T21:43:55.169Z",
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability has been discovered in the jdPDF npm library. User control of the first argument of the loadFile method in the node.js build allows local file inclusion/path traversal. If given the possibility to pass unsanitized paths to the loadFile method, a user can retrieve file contents of arbitrary files in the local file system the node process is running in. The file contents are included verbatim in the generated PDFs. Only the node.js builds of the library are affected, namely the `dist/jspdf.node.js` and `dist/jspdf.node.min.js`."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-73",
"description": "External Control of File Name or Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T01:25:04.866Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-68428"
},
{
"name": "RHBZ#2427236",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427236"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-68428.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2350"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2568"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:1517: Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"lang": "en",
"value": "RHSA-2026:2350: Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"lang": "en",
"value": "RHSA-2026:2568: Red Hat Advanced Cluster Security for Kubernetes 4.9"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-05T22:01:15.703Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-01-05T21:43:55.169Z",
"value": "Made public."
}
],
"title": "jspdf: jsPDF Local File Inclusion/Path Traversal vulnerability",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"product": "jsPDF",
"vendor": "parallax",
"versions": [
{
"status": "affected",
"version": "\u003c 4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.0.0, user control of the first argument of the loadFile method in the node.js build allows local file inclusion/path traversal. If given the possibility to pass unsanitized paths to the loadFile method, a user can retrieve file contents of arbitrary files in the local file system the node process is running in. The file contents are included verbatim in the generated PDFs. Other affected methods are `addImage`, `html`, and `addFont`. Only the node.js builds of the library are affected, namely the `dist/jspdf.node.js` and `dist/jspdf.node.min.js` files. The vulnerability has been fixed in jsPDF@4.0.0. This version restricts file system access per default. This semver-major update does not introduce other breaking changes. Some workarounds areavailable. With recent node versions, jsPDF recommends using the `--permission` flag in production. The feature was introduced experimentally in v20.0.0 and is stable since v22.13.0/v23.5.0/v24.0.0. For older node versions, sanitize user-provided paths before passing them to jsPDF."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "CWE-35: Path Traversal: \u0027.../...//\u0027",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-73",
"description": "CWE-73: External Control of File Name or Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-05T21:43:55.169Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/parallax/jsPDF/security/advisories/GHSA-f8cm-6447-x5h2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/parallax/jsPDF/security/advisories/GHSA-f8cm-6447-x5h2"
},
{
"name": "https://github.com/parallax/jsPDF/commit/a688c8f479929b24a6543b1fa2d6364abb03066d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/parallax/jsPDF/commit/a688c8f479929b24a6543b1fa2d6364abb03066d"
},
{
"name": "https://github.com/parallax/jsPDF/releases/tag/v4.0.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/parallax/jsPDF/releases/tag/v4.0.0"
}
],
"source": {
"advisory": "GHSA-f8cm-6447-x5h2",
"discovery": "UNKNOWN"
},
"title": "jsPDF has Local File Inclusion/Path Traversal vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-68428",
"datePublished": "2026-01-05T21:43:55.169Z",
"dateReserved": "2025-12-17T15:29:39.378Z",
"dateUpdated": "2026-07-15T01:25:04.866Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22029 (GCVE-0-2026-22029)
Vulnerability from cvelistv5 – Published: 2026-01-10 02:42 – Updated: 2026-07-15 01:19
VLAI
EPSS
VEX
Title
React Router vulnerable to XSS via Open Redirects
Summary
React Router is a router for React. In @remix-run/router version prior to 1.23.2 and react-router 7.0.0 through 7.11.0, React Router (and Remix v1/v2) SPA open navigation redirects originating from loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes can result in unsafe URLs causing unintended javascript execution on the client. This is only an issue if you are creating redirect paths from untrusted content or via an open redirect. There is no impact if Declarative Mode (<BrowserRouter>) is being used. This issue has been patched in @remix-run/router version 1.23.2 and react-router version 7.12.0.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
37 references
Impacted products
121 products
| Vendor | Product | Version | |
|---|---|---|---|
| remix-run | react-router |
Affected:
>= 7.0.0, < 7.12.0
|
|
| remix-run | @remix-run/router |
Affected:
< 1.23.2
|
|
| Red Hat | Red Hat Ansible Automation Platform 2.5 for RHEL 8 |
Unaffected:
0:2.5.20260225-1.el8ap , < *
(rpm)
cpe:/a:redhat:ansible_automation_platform:2.5::el8 |
|
| Red Hat | Red Hat Ansible Automation Platform 2.5 for RHEL 9 |
Unaffected:
0:2.5.20260225-1.el9ap , < *
(rpm)
cpe:/a:redhat:ansible_automation_platform:2.5::el9 |
|
| Red Hat | Red Hat Ansible Automation Platform 2.6 for RHEL 9 |
Unaffected:
0:2.6.6-1.el9ap , < *
(rpm)
cpe:/a:redhat:ansible_automation_platform:2.6::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.10 |
Unaffected:
1777128790 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.10::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.6 |
Unaffected:
1776223790 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.6::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.7 |
Unaffected:
1773100128 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.7::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.8 |
Unaffected:
1775116156 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.8::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.12 |
Unaffected:
1773259174 , < *
(rpm)
cpe:/a:redhat:acm:2.12::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.13 |
Unaffected:
1775116130 , < *
(rpm)
cpe:/a:redhat:acm:2.13::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.14 |
Unaffected:
1769990632 , < *
(rpm)
cpe:/a:redhat:acm:2.14::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.14 |
Unaffected:
1782693386 , < *
(rpm)
cpe:/a:redhat:acm:2.14::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.15 |
Unaffected:
1776927126 , < *
(rpm)
cpe:/a:redhat:acm:2.15::el9 |
|
| Red Hat | Red Hat Advanced Cluster Security for Kubernetes 4.8 |
Unaffected:
1769615659 , < *
(rpm)
cpe:/a:redhat:advanced_cluster_security:4.8::el8 |
|
| Red Hat | Red Hat Advanced Cluster Security for Kubernetes 4.9 |
Unaffected:
1770074713 , < *
(rpm)
Unaffected: 1770250889 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.9::el8 |
|
| Red Hat | Red Hat Ansible Automation Platform 2.6 |
Unaffected:
1772543959 , < *
(rpm)
cpe:/a:redhat:ansible_automation_platform:2.6::el9 |
|
| Red Hat | Red Hat Discovery 2 |
Unaffected:
1770913709 , < *
(rpm)
cpe:/a:redhat:discovery:2::el9 |
|
| Red Hat | Red Hat Edge Manager 1.0 |
Unaffected:
1783502765 , < *
(rpm)
cpe:/a:redhat:edge_manager:1.0::el9 |
|
| Red Hat | Red Hat Edge Manager 1.0 |
Unaffected:
1783502438 , < *
(rpm)
cpe:/a:redhat:edge_manager:1.0::el9 |
|
| Red Hat | Red Hat OpenShift AI 2.25 |
Unaffected:
1772093424 , < *
(rpm)
cpe:/a:redhat:openshift_ai:2.25::el9 |
|
| Red Hat | Red Hat OpenShift AI 2.25 |
Unaffected:
1772093498 , < *
(rpm)
cpe:/a:redhat:openshift_ai:2.25::el9 |
|
| Red Hat | Red Hat OpenShift AI 3.3 |
Unaffected:
1779189627 , < *
(rpm)
cpe:/a:redhat:openshift_ai:3.3::el9 |
|
| Red Hat | Red Hat OpenShift AI 3.3 |
Unaffected:
1778473763 , < *
(rpm)
cpe:/a:redhat:openshift_ai:3.3::el9 |
|
| Red Hat | Red Hat OpenShift AI 3.3 |
Unaffected:
1778666987 , < *
(rpm)
cpe:/a:redhat:openshift_ai:3.3::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.17 |
Unaffected:
1782269794 , < *
(rpm)
cpe:/a:redhat:openshift:4.17::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.18 |
Unaffected:
1779874967 , < *
(rpm)
cpe:/a:redhat:openshift:4.18::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.19 |
Unaffected:
1779256322 , < *
(rpm)
cpe:/a:redhat:openshift:4.19::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.19 |
Unaffected:
1779249920 , < *
(rpm)
cpe:/a:redhat:openshift:4.19::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.20 |
Unaffected:
1778645099 , < *
(rpm)
cpe:/a:redhat:openshift:4.20::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.20 |
Unaffected:
1778645008 , < *
(rpm)
cpe:/a:redhat:openshift:4.20::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.21 |
Unaffected:
1778539338 , < *
(rpm)
cpe:/a:redhat:openshift:4.21::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
1781555717 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
1781554936 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
1781555645 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
1781556009 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
1781558423 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
1781555708 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
1781557202 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
1781555679 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
1781557189 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
1781556534 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
1781556085 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
1781555971 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
1781557158 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
1781556690 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
1781558326 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
1781556544 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
1781556958 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
1781556901 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
1781557496 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.19 |
Unaffected:
1781550255 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.19::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.19 |
Unaffected:
1781554417 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.19::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.19 |
Unaffected:
1781550415 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.19::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.19 |
Unaffected:
1781550593 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.19::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.19 |
Unaffected:
1781551060 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.19::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.19 |
Unaffected:
1781550551 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.19::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.19 |
Unaffected:
1781550615 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.19::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.19 |
Unaffected:
1781550670 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.19::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.19 |
Unaffected:
1781550777 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.19::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.19 |
Unaffected:
1781550759 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.19::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.19 |
Unaffected:
1781551276 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.19::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.19 |
Unaffected:
1781550761 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.19::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.19 |
Unaffected:
1781550908 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.19::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.19 |
Unaffected:
1781550957 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.19::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.19 |
Unaffected:
1781551499 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.19::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.19 |
Unaffected:
1781551098 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.19::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.19 |
Unaffected:
1781551130 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.19::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.19 |
Unaffected:
1781551169 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.19::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.19 |
Unaffected:
1781551235 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.19::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.19 |
Unaffected:
1781551472 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.19::el9 |
|
| Red Hat | Red Hat OpenShift Dev Spaces (RHOSDS) 3.26 |
Unaffected:
1769685154 , < *
(rpm)
cpe:/a:redhat:openshift_devspaces:3.26::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3 |
Unaffected:
1770140791 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.0::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3 |
Unaffected:
1770140853 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.0::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.1 |
Unaffected:
1770140180 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.1::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.1 |
Unaffected:
1770138727 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.1::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.2 |
Unaffected:
1770142326 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.2::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.2 |
Unaffected:
1770138513 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.2::el9 |
|
| Red Hat | Red Hat Trusted Artifact Signer 1.3 |
Unaffected:
1771324807 , < *
(rpm)
cpe:/a:redhat:trusted_artifact_signer:1.3::el9 |
|
| Red Hat | Cryostat 4 |
cpe:/a:redhat:cryostat:4 |
|
| Red Hat | Gatekeeper 3 |
cpe:/a:redhat:gatekeeper:3 |
|
| Red Hat | Logging Subsystem for Red Hat OpenShift |
cpe:/a:redhat:logging:5 |
|
| Red Hat | Logging Subsystem for Red Hat OpenShift |
cpe:/a:redhat:logging:5 cpe:/a:redhat:logging:6 |
|
| Red Hat | Migration Toolkit for Applications 7 |
cpe:/a:redhat:migration_toolkit_applications:7 |
|
| Red Hat | Migration Toolkit for Applications 8 |
cpe:/a:redhat:migration_toolkit_applications:8 |
|
| Red Hat | Migration Toolkit for Containers |
cpe:/a:redhat:rhmt:1 |
|
| Red Hat | Migration Toolkit for Virtualization |
cpe:/a:redhat:migration_toolkit_virtualization:2 |
|
| Red Hat | Multicluster Engine for Kubernetes |
cpe:/a:redhat:multicluster_engine |
|
| Red Hat | Network Observability Operator |
cpe:/a:redhat:network_observ_optr:1 |
|
| Red Hat | Node HealthCheck Operator |
cpe:/a:redhat:workload_availability_nhc:0 |
|
| Red Hat | OpenShift Lightspeed |
cpe:/a:redhat:openshift_lightspeed |
|
| Red Hat | OpenShift Pipelines |
cpe:/a:redhat:openshift_pipelines:1 |
|
| Red Hat | OpenShift Service Mesh 2 |
cpe:/a:redhat:service_mesh:2 |
|
| Red Hat | OpenShift Service Mesh 3 |
cpe:/a:redhat:service_mesh:3 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2 |
cpe:/a:redhat:acm:2 |
|
| Red Hat | Red Hat Advanced Cluster Security 4 |
cpe:/a:redhat:advanced_cluster_security:4 |
|
| Red Hat | Red Hat Ansible Automation Platform 2 |
cpe:/a:redhat:ansible_automation_platform:2 |
|
| Red Hat | Red Hat build of Apache Camel - HawtIO 4 |
cpe:/a:redhat:apache_camel_hawtio:4 |
|
| Red Hat | Red Hat build of Apicurio Registry 2 |
cpe:/a:redhat:service_registry:2 |
|
| Red Hat | Red Hat Build of Kueue |
cpe:/a:redhat:kueue_operator:1 |
|
| Red Hat | Red Hat build of OptaPlanner 8 |
cpe:/a:redhat:optaplanner:::el6 |
|
| Red Hat | Red Hat Connectivity Link 1 |
cpe:/a:redhat:connectivity_link:1 |
|
| Red Hat | Red Hat Data Grid 8 |
cpe:/a:redhat:jboss_data_grid:8 |
|
| Red Hat | Red Hat Developer Hub |
cpe:/a:redhat:rhdh:1 |
|
| Red Hat | Red Hat Edge Manager preview |
cpe:/a:redhat:edge_manager:0 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat Fuse 7 |
cpe:/a:redhat:jboss_fuse:7 |
|
| Red Hat | Red Hat JBoss Enterprise Application Platform 8 |
cpe:/a:redhat:jboss_enterprise_application_platform:8 |
|
| Red Hat | Red Hat JBoss Enterprise Application Platform Expansion Pack |
cpe:/a:redhat:jbosseapxp |
|
| Red Hat | Red Hat OpenShift AI (RHOAI) |
cpe:/a:redhat:openshift_ai |
|
| Red Hat | Red Hat OpenShift Container Platform 4 |
cpe:/a:redhat:openshift:4 |
|
| Red Hat | Red Hat OpenShift Dev Spaces |
cpe:/a:redhat:openshift_devspaces:3 |
|
| Red Hat | Red Hat OpenShift distributed tracing 3 |
cpe:/a:redhat:openshift_distributed_tracing:3 |
|
| Red Hat | Red Hat OpenShift GitOps |
cpe:/a:redhat:openshift_gitops:1 |
|
| Red Hat | Red Hat OpenShift Virtualization 4 |
cpe:/a:redhat:container_native_virtualization:4 |
|
| Red Hat | Red Hat Process Automation 7 |
cpe:/a:redhat:jboss_enterprise_bpms_platform:7 |
|
| Red Hat | Red Hat Quay 3 |
cpe:/a:redhat:quay:3 |
|
| Red Hat | Red Hat Satellite 6 |
cpe:/a:redhat:satellite:6 |
|
| Red Hat | Red Hat Single Sign-On 7 |
cpe:/a:redhat:red_hat_single_sign_on:7 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22029",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-13T04:55:53.265498Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T15:04:50.771Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.5::el8"
],
"defaultStatus": "affected",
"packageName": "automation-gateway",
"product": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.5.20260225-1.el8ap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.5::el9"
],
"defaultStatus": "affected",
"packageName": "automation-gateway",
"product": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.5.20260225-1.el9ap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.6::el9"
],
"defaultStatus": "affected",
"packageName": "automation-platform-ui",
"product": "Red Hat Ansible Automation Platform 2.6 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.6.6-1.el9ap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.10::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/console-mce-rhel9",
"product": "multicluster engine for Kubernetes 2.10",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1777128790",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.6::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/console-mce-rhel9",
"product": "multicluster engine for Kubernetes 2.6",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1776223790",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.7::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/console-mce-rhel9",
"product": "multicluster engine for Kubernetes 2.7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1773100128",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.8::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/console-mce-rhel9",
"product": "multicluster engine for Kubernetes 2.8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1775116156",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.12::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/console-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.12",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1773259174",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.13::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/console-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.13",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1775116130",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.14::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/console-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1769990632",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.14::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/acm-grafana-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782693386",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.15::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/console-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1776927126",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.8::el8"
],
"defaultStatus": "affected",
"packageName": "advanced-cluster-security/rhacs-main-rhel8",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1769615659",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.9::el8"
],
"defaultStatus": "affected",
"packageName": "advanced-cluster-security/rhacs-main-rhel8",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1770074713",
"versionType": "rpm"
},
{
"lessThan": "*",
"status": "unaffected",
"version": "1770250889",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.6::el9"
],
"defaultStatus": "affected",
"packageName": "ansible-automation-platform-26/gateway-rhel9",
"product": "Red Hat Ansible Automation Platform 2.6",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1772543959",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:discovery:2::el9"
],
"defaultStatus": "affected",
"packageName": "discovery/discovery-ui-rhel9",
"product": "Red Hat Discovery 2",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1770913709",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:edge_manager:1.0::el9"
],
"defaultStatus": "affected",
"packageName": "rhem/flightctl-ui-ocp-rhel9",
"product": "Red Hat Edge Manager 1.0",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783502765",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:edge_manager:1.0::el9"
],
"defaultStatus": "affected",
"packageName": "rhem/flightctl-ui-rhel9",
"product": "Red Hat Edge Manager 1.0",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783502438",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_ai:2.25::el9"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-dashboard-rhel9",
"product": "Red Hat OpenShift AI 2.25",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1772093424",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_ai:2.25::el9"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-mod-arch-model-registry-rhel9",
"product": "Red Hat OpenShift AI 2.25",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1772093498",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_ai:3.3::el9"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-dashboard-rhel9",
"product": "Red Hat OpenShift AI 3.3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779189627",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_ai:3.3::el9"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-mod-arch-gen-ai-rhel9",
"product": "Red Hat OpenShift AI 3.3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1778473763",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_ai:3.3::el9"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-mod-arch-model-registry-rhel9",
"product": "Red Hat OpenShift AI 3.3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1778666987",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/nmstate-console-plugin-rhel9",
"product": "Red Hat OpenShift Container Platform 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1782269794",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/nmstate-console-plugin-rhel9",
"product": "Red Hat OpenShift Container Platform 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779874967",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-networking-console-plugin-rhel9",
"product": "Red Hat OpenShift Container Platform 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779256322",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/nmstate-console-plugin-rhel9",
"product": "Red Hat OpenShift Container Platform 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779249920",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.20::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-agent-installer-ui-rhel9",
"product": "Red Hat OpenShift Container Platform 4.20",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1778645099",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.20::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/nmstate-console-plugin-rhel9",
"product": "Red Hat OpenShift Container Platform 4.20",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1778645008",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.21::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-agent-installer-ui-rhel9",
"product": "Red Hat OpenShift Container Platform 4.21",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1778539338",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/cephcsi-rhel9",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781555717",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/cephcsi-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781554936",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/mcg-core-rhel9",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781555645",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/mcg-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781556009",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-client-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781558423",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-client-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781555708",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-metrics-exporter-rhel9",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781557202",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781555679",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-cli-rhel9",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781557189",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781556534",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-cosi-sidecar-rhel9",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781556085",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-csi-addons-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781555971",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-csi-addons-sidecar-rhel9",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781557158",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-multicluster-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781556690",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-multicluster-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781558326",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-must-gather-rhel9",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781556544",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781556958",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odr-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781556901",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/rook-ceph-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781557496",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/cephcsi-rhel9",
"product": "Red Hat Openshift Data Foundation 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781550255",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/cephcsi-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781554417",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/mcg-core-rhel9",
"product": "Red Hat Openshift Data Foundation 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781550415",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/mcg-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781550593",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-client-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781551060",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-client-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781550551",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-metrics-exporter-rhel9",
"product": "Red Hat Openshift Data Foundation 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781550615",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781550670",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-cli-rhel9",
"product": "Red Hat Openshift Data Foundation 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781550777",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-cloudnative-pg-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781550759",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781551276",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-cosi-sidecar-rhel9",
"product": "Red Hat Openshift Data Foundation 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781550761",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-csi-addons-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781550908",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-csi-addons-sidecar-rhel9",
"product": "Red Hat Openshift Data Foundation 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781550957",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-multicluster-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781551499",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-multicluster-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781551098",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-must-gather-rhel9",
"product": "Red Hat Openshift Data Foundation 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781551130",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781551169",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odr-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781551235",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/rook-ceph-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1781551472",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3.26::el9"
],
"defaultStatus": "affected",
"packageName": "devspaces/dashboard-rhel9",
"product": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1769685154",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.0::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/kiali-ossmc-rhel9",
"product": "Red Hat OpenShift Service Mesh 3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1770140791",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.0::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/kiali-rhel9",
"product": "Red Hat OpenShift Service Mesh 3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1770140853",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.1::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/kiali-ossmc-rhel9",
"product": "Red Hat OpenShift Service Mesh 3.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1770140180",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.1::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/kiali-rhel9",
"product": "Red Hat OpenShift Service Mesh 3.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1770138727",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.2::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/kiali-ossmc-rhel9",
"product": "Red Hat OpenShift Service Mesh 3.2",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1770142326",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.2::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/kiali-rhel9",
"product": "Red Hat OpenShift Service Mesh 3.2",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1770138513",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1.3::el9"
],
"defaultStatus": "affected",
"packageName": "rhtas/rhtas-console-ui-rhel9",
"product": "Red Hat Trusted Artifact Signer 1.3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1771324807",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:cryostat:4"
],
"defaultStatus": "unaffected",
"packageName": "io.cryostat-cryostat",
"product": "Cryostat 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:gatekeeper:3"
],
"defaultStatus": "unaffected",
"packageName": "gatekeeper/gatekeeper-rhel9",
"product": "Gatekeeper 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:logging:5"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/elasticsearch6-rhel9",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:logging:5"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/elasticsearch-operator-bundle",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:logging:5"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/elasticsearch-proxy-rhel9",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:logging:5"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/elasticsearch-rhel9-operator",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:logging:5"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/kibana6-rhel8",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:logging:5"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/logging-curator5-rhel9",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:logging:5",
"cpe:/a:redhat:logging:6"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/logging-loki-rhel9",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:logging:5"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/logging-view-plugin-rhel9",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:logging:5",
"cpe:/a:redhat:logging:6"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/loki-operator-bundle",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:logging:5",
"cpe:/a:redhat:logging:6"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/loki-rhel9-operator",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:logging:5",
"cpe:/a:redhat:logging:6"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/lokistack-gateway-rhel9",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:logging:5",
"cpe:/a:redhat:logging:6"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/opa-openshift-rhel9",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:migration_toolkit_applications:7"
],
"defaultStatus": "unaffected",
"packageName": "mta/mta-ui-rhel9",
"product": "Migration Toolkit for Applications 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:migration_toolkit_applications:8"
],
"defaultStatus": "unaffected",
"packageName": "mta/mta-ui-rhel9",
"product": "Migration Toolkit for Applications 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhmt:1"
],
"defaultStatus": "affected",
"packageName": "rhmtc/openshift-migration-ui-rhel8",
"product": "Migration Toolkit for Containers",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:migration_toolkit_virtualization:2"
],
"defaultStatus": "affected",
"packageName": "migration-toolkit-virtualization/mtv-console-plugin-rhel9",
"product": "Migration Toolkit for Virtualization",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:migration_toolkit_virtualization:2"
],
"defaultStatus": "affected",
"packageName": "mtv-candidate/mtv-console-plugin-rhel9",
"product": "Migration Toolkit for Virtualization",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/console-mce-rhel8",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:network_observ_optr:1"
],
"defaultStatus": "unaffected",
"packageName": "network-observability/network-observability-console-plugin-compat-rhel9",
"product": "Network Observability Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:network_observ_optr:1"
],
"defaultStatus": "unaffected",
"packageName": "network-observability/network-observability-console-plugin-rhel9",
"product": "Network Observability Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:workload_availability_nhc:0"
],
"defaultStatus": "unaffected",
"packageName": "workload-availability/node-healthcheck-must-gather-rhel9",
"product": "Node HealthCheck Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:workload_availability_nhc:0"
],
"defaultStatus": "unaffected",
"packageName": "workload-availability/node-healthcheck-operator-bundle",
"product": "Node HealthCheck Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:workload_availability_nhc:0"
],
"defaultStatus": "unaffected",
"packageName": "workload-availability/node-healthcheck-rhel9-operator",
"product": "Node HealthCheck Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:workload_availability_nhc:0"
],
"defaultStatus": "unaffected",
"packageName": "workload-availability/node-remediation-console-rhel9",
"product": "Node HealthCheck Operator",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_lightspeed"
],
"defaultStatus": "affected",
"packageName": "openshift-lightspeed/lightspeed-console-plugin-pf5-rhel9",
"product": "OpenShift Lightspeed",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_lightspeed"
],
"defaultStatus": "affected",
"packageName": "openshift-lightspeed/lightspeed-console-plugin-rhel9",
"product": "OpenShift Lightspeed",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "affected",
"packageName": "openshift-pipelines/pipelines-console-plugin-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "affected",
"packageName": "openshift-pipelines/pipelines-console-plugin-rhel9",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "affected",
"packageName": "openshift-pipelines/pipelines-hub-api-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "affected",
"packageName": "openshift-pipelines/pipelines-hub-db-migration-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "affected",
"packageName": "openshift-pipelines/pipelines-hub-ui-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_mesh:2"
],
"defaultStatus": "unaffected",
"packageName": "openshift-service-mesh/kiali-ossmc-rhel8",
"product": "OpenShift Service Mesh 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_mesh:2"
],
"defaultStatus": "unaffected",
"packageName": "openshift-service-mesh/kiali-rhel8",
"product": "OpenShift Service Mesh 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_mesh:3"
],
"defaultStatus": "unaffected",
"packageName": "openshift-service-mesh/kiali-operator-bundle",
"product": "OpenShift Service Mesh 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_mesh:3"
],
"defaultStatus": "unaffected",
"packageName": "openshift-service-mesh/kiali-rhel9-operator",
"product": "OpenShift Service Mesh 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "affected",
"packageName": "rhacm2/acm-flightctl-ocp-ui-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "affected",
"packageName": "rhacm2/acm-flightctl-ui-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "affected",
"packageName": "rhacm2/prometheus-alertmanager-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "affected",
"packageName": "rhacm2/prometheus-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-rhel8-operator",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-roxctl-rhel8",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-scanner-v4-rhel8",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "affected",
"packageName": "ansible-automation-platform-25/aap-cloud-ui-rhel8",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "affected",
"packageName": "ansible-on-clouds/aoc-azure-aap-installer-rhel9",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "automation-controller",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "automation-eda-controller",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "affected",
"packageName": "automation-hub",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "affected",
"packageName": "python3.11-galaxy-ng",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "python3x-galaxy-ng",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "python-galaxy-ng",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:apache_camel_hawtio:4"
],
"defaultStatus": "unaffected",
"packageName": "io.hawt-project",
"product": "Red Hat build of Apache Camel - HawtIO 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_registry:2"
],
"defaultStatus": "affected",
"packageName": "io.apicurio-apicurio-registry",
"product": "Red Hat build of Apicurio Registry 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:kueue_operator:1"
],
"defaultStatus": "unaffected",
"packageName": "kueue/kueue-must-gather-rhel9",
"product": "Red Hat Build of Kueue",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:kueue_operator:1"
],
"defaultStatus": "unaffected",
"packageName": "kueue/kueue-operator-bundle",
"product": "Red Hat Build of Kueue",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:kueue_operator:1"
],
"defaultStatus": "unaffected",
"packageName": "kueue/kueue-rhel9",
"product": "Red Hat Build of Kueue",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:kueue_operator:1"
],
"defaultStatus": "unaffected",
"packageName": "kueue/kueue-rhel9-operator",
"product": "Red Hat Build of Kueue",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:optaplanner:::el6"
],
"defaultStatus": "unaffected",
"packageName": "org.optaweb.vehiclerouting-optaweb-vehicle-routing",
"product": "Red Hat build of OptaPlanner 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:connectivity_link:1"
],
"defaultStatus": "affected",
"packageName": "rhcl-1/rhcl-console-plugin-rhel9",
"product": "Red Hat Connectivity Link 1",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_data_grid:8"
],
"defaultStatus": "affected",
"packageName": "org.infinispan-infinispan-console",
"product": "Red Hat Data Grid 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhdh:1"
],
"defaultStatus": "affected",
"packageName": "rhdh/rhdh-hub-rhel9",
"product": "Red Hat Developer Hub",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:edge_manager:0"
],
"defaultStatus": "affected",
"packageName": "rhacm2/acm-flightctl-ocp-ui-rhel9",
"product": "Red Hat Edge Manager preview",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:edge_manager:0"
],
"defaultStatus": "affected",
"packageName": "rhacm2/acm-flightctl-ui-rhel9",
"product": "Red Hat Edge Manager preview",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:edge_manager:0"
],
"defaultStatus": "affected",
"packageName": "rhem/flightctl-alert-exporter-rhel9",
"product": "Red Hat Edge Manager preview",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:edge_manager:0"
],
"defaultStatus": "affected",
"packageName": "rhem/flightctl-alertmanager-proxy-rhel9",
"product": "Red Hat Edge Manager preview",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:edge_manager:0"
],
"defaultStatus": "affected",
"packageName": "rhem/flightctl-api-rhel9",
"product": "Red Hat Edge Manager preview",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:edge_manager:0"
],
"defaultStatus": "affected",
"packageName": "rhem/flightctl-cli-artifacts-rhel9",
"product": "Red Hat Edge Manager preview",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:edge_manager:0"
],
"defaultStatus": "affected",
"packageName": "rhem/flightctl-db-setup-rhel9",
"product": "Red Hat Edge Manager preview",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:edge_manager:0"
],
"defaultStatus": "affected",
"packageName": "rhem/flightctl-periodic-rhel9",
"product": "Red Hat Edge Manager preview",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:edge_manager:0"
],
"defaultStatus": "affected",
"packageName": "rhem/flightctl-telemetry-gateway-rhel9",
"product": "Red Hat Edge Manager preview",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:edge_manager:0"
],
"defaultStatus": "affected",
"packageName": "rhem/flightctl-ui-ocp-rhel9",
"product": "Red Hat Edge Manager preview",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:edge_manager:0"
],
"defaultStatus": "affected",
"packageName": "rhem/flightctl-ui-rhel9",
"product": "Red Hat Edge Manager preview",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:edge_manager:0"
],
"defaultStatus": "affected",
"packageName": "rhem/flightctl-userinfo-proxy-rhel9",
"product": "Red Hat Edge Manager preview",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:edge_manager:0"
],
"defaultStatus": "affected",
"packageName": "rhem/flightctl-worker-rhel9",
"product": "Red Hat Edge Manager preview",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "grafana",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "ipa",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "dotnet5.0-build-reference-packages",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "pcs",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "grafana",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "ipa",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_fuse:7"
],
"defaultStatus": "affected",
"packageName": "io.syndesis-syndesis-parent",
"product": "Red Hat Fuse 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8"
],
"defaultStatus": "unaffected",
"packageName": "org.keycloak-keycloak-parent",
"product": "Red Hat JBoss Enterprise Application Platform 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jbosseapxp"
],
"defaultStatus": "unaffected",
"packageName": "org.keycloak-keycloak-parent",
"product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-dashboard-rhel8",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-data-science-pipelines-argo-argoexec-rhel8",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-model-registry-rhel8",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-console",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-console-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-monitoring-plugin-rhel8",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-monitoring-plugin-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/ose-prometheus-alertmanager-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3"
],
"defaultStatus": "unaffected",
"packageName": "devspaces/openvsx-rhel9",
"product": "Red Hat OpenShift Dev Spaces",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3"
],
"defaultStatus": "affected",
"packageName": "rhosdt/tempo-jaeger-query-rhel8",
"product": "Red Hat OpenShift distributed tracing 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_gitops:1"
],
"defaultStatus": "affected",
"packageName": "openshift-gitops-1/argocd-rhel8",
"product": "Red Hat OpenShift GitOps",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_gitops:1"
],
"defaultStatus": "affected",
"packageName": "openshift-gitops-1/argocd-rhel9",
"product": "Red Hat OpenShift GitOps",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_gitops:1"
],
"defaultStatus": "unaffected",
"packageName": "openshift-gitops-1/argo-rollouts-rhel8",
"product": "Red Hat OpenShift GitOps",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_gitops:1"
],
"defaultStatus": "affected",
"packageName": "openshift-gitops-1/console-plugin-rhel8",
"product": "Red Hat OpenShift GitOps",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_gitops:1"
],
"defaultStatus": "affected",
"packageName": "openshift-gitops-1/gitops-operator-bundle",
"product": "Red Hat OpenShift GitOps",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/kubevirt-console-plugin",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/kubevirt-console-plugin-rhel9",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
],
"defaultStatus": "affected",
"packageName": "org.uberfire-uberfire-parent",
"product": "Red Hat Process Automation 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:quay:3"
],
"defaultStatus": "affected",
"packageName": "quay/quay-rhel8",
"product": "Red Hat Quay 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:quay:3"
],
"defaultStatus": "affected",
"packageName": "quay/quay-rhel9",
"product": "Red Hat Quay 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6"
],
"defaultStatus": "unaffected",
"packageName": "nodejs-react-router",
"product": "Red Hat Satellite 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6"
],
"defaultStatus": "unaffected",
"packageName": "nodejs-react-router-dom",
"product": "Red Hat Satellite 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6"
],
"defaultStatus": "unaffected",
"packageName": "satellite/iop-advisor-frontend-rhel9",
"product": "Red Hat Satellite 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6"
],
"defaultStatus": "unaffected",
"packageName": "satellite/iop-host-inventory-frontend-rhel9",
"product": "Red Hat Satellite 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:satellite:6"
],
"defaultStatus": "unaffected",
"packageName": "satellite/iop-vulnerability-frontend-rhel9",
"product": "Red Hat Satellite 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:red_hat_single_sign_on:7"
],
"defaultStatus": "affected",
"packageName": "org.keycloak-keycloak-parent",
"product": "Red Hat Single Sign-On 7",
"vendor": "Red Hat"
}
],
"datePublic": "2026-01-10T02:42:32.736Z",
"descriptions": [
{
"lang": "en",
"value": "A cross site scripting flaw has been discovered in the npm react-router and @remix-run/router packages. React Router (and Remix v1/v2) SPA open navigation redirects originating from loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes can result in unsafe URLs causing unintended javascript execution on the client. This is only an issue if you are creating redirect paths from untrusted content or via an open redirect."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T01:19:36.831Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-22029"
},
{
"name": "RHBZ#2428412",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428412"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22029.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3959"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3958"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5633"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8229"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36882"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2572"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13548"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2350"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2568"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3960"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2694"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3782"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19712"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34100"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21658"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20042"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20041"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17469"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17468"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17474"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2456"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2148"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2149"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2147"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26420"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26413"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3087"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13542"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9848"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5636"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8218"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:3959: Red Hat Ansible Automation Platform 2.5 for RHEL 8, Red Hat Ansible Automation Platform 2.5 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:3958: Red Hat Ansible Automation Platform 2.6 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:5633: Red Hat Advanced Cluster Management for Kubernetes 2.12"
},
{
"lang": "en",
"value": "RHSA-2026:8229: Red Hat Advanced Cluster Management for Kubernetes 2.13"
},
{
"lang": "en",
"value": "RHSA-2026:36882: Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"lang": "en",
"value": "RHSA-2026:2572: Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"lang": "en",
"value": "RHSA-2026:13548: Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"lang": "en",
"value": "RHSA-2026:1517: Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"lang": "en",
"value": "RHSA-2026:2350: Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"lang": "en",
"value": "RHSA-2026:2568: Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"lang": "en",
"value": "RHSA-2026:3960: Red Hat Ansible Automation Platform 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:2694: Red Hat Discovery 2"
},
{
"lang": "en",
"value": "RHSA-2026:36651: Red Hat Edge Manager 1.0"
},
{
"lang": "en",
"value": "RHSA-2026:3782: Red Hat OpenShift AI 2.25"
},
{
"lang": "en",
"value": "RHSA-2026:19712: Red Hat OpenShift AI 3.3"
},
{
"lang": "en",
"value": "RHSA-2026:34100: Red Hat OpenShift Container Platform 4.17"
},
{
"lang": "en",
"value": "RHSA-2026:21658: Red Hat OpenShift Container Platform 4.18"
},
{
"lang": "en",
"value": "RHSA-2026:20042: Red Hat OpenShift Container Platform 4.19"
},
{
"lang": "en",
"value": "RHSA-2026:20041: Red Hat OpenShift Container Platform 4.19"
},
{
"lang": "en",
"value": "RHSA-2026:17469: Red Hat OpenShift Container Platform 4.20"
},
{
"lang": "en",
"value": "RHSA-2026:17468: Red Hat OpenShift Container Platform 4.20"
},
{
"lang": "en",
"value": "RHSA-2026:17474: Red Hat OpenShift Container Platform 4.21"
},
{
"lang": "en",
"value": "RHSA-2026:2456: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"lang": "en",
"value": "RHSA-2026:2148: Red Hat OpenShift Service Mesh 3.1"
},
{
"lang": "en",
"value": "RHSA-2026:2149: Red Hat OpenShift Service Mesh 3.2"
},
{
"lang": "en",
"value": "RHSA-2026:2147: Red Hat OpenShift Service Mesh 3"
},
{
"lang": "en",
"value": "RHSA-2026:26420: Red Hat Openshift Data Foundation 4.18"
},
{
"lang": "en",
"value": "RHSA-2026:26413: Red Hat Openshift Data Foundation 4.19"
},
{
"lang": "en",
"value": "RHSA-2026:3087: Red Hat Trusted Artifact Signer 1.3"
},
{
"lang": "en",
"value": "RHSA-2026:13542: multicluster engine for Kubernetes 2.10"
},
{
"lang": "en",
"value": "RHSA-2026:9848: multicluster engine for Kubernetes 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:5636: multicluster engine for Kubernetes 2.7"
},
{
"lang": "en",
"value": "RHSA-2026:8218: multicluster engine for Kubernetes 2.8"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-10T04:01:03.694Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-01-10T02:42:32.736Z",
"value": "Made public."
}
],
"title": "@remix-run/router: react-router: React Router vulnerable to XSS via Open Redirects",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"product": "react-router",
"vendor": "remix-run",
"versions": [
{
"status": "affected",
"version": "\u003e= 7.0.0, \u003c 7.12.0"
}
]
},
{
"product": "@remix-run/router",
"vendor": "remix-run",
"versions": [
{
"status": "affected",
"version": "\u003c 1.23.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "React Router is a router for React. In @remix-run/router version prior to 1.23.2 and react-router 7.0.0 through 7.11.0, React Router (and Remix v1/v2) SPA open navigation redirects originating from loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes can result in unsafe URLs causing unintended javascript execution on the client. This is only an issue if you are creating redirect paths from untrusted content or via an open redirect. There is no impact if Declarative Mode (\u003cBrowserRouter\u003e) is being used. This issue has been patched in @remix-run/router version 1.23.2 and react-router version 7.12.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-02T16:58:42.516Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/remix-run/react-router/security/advisories/GHSA-2w69-qvjg-hvjx",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/remix-run/react-router/security/advisories/GHSA-2w69-qvjg-hvjx"
}
],
"source": {
"advisory": "GHSA-2w69-qvjg-hvjx",
"discovery": "UNKNOWN"
},
"title": "React Router vulnerable to XSS via Open Redirects"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-22029",
"datePublished": "2026-01-10T02:42:32.736Z",
"dateReserved": "2026-01-05T22:30:38.718Z",
"dateUpdated": "2026-07-15T01:19:36.831Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24040 (GCVE-0-2026-24040)
Vulnerability from cvelistv5 – Published: 2026-02-02 20:38 – Updated: 2026-02-03 15:30
VLAI
EPSS
VEX
Title
jsPDF has a Shared State Race Condition in addJS Plugin
Summary
jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, the addJS method in the jspdf Node.js build utilizes a shared module-scoped variable (text) to store JavaScript content. When used in a concurrent environment (e.g., a Node.js web server), this variable is shared across all requests. If multiple requests generate PDFs simultaneously, the JavaScript content intended for one user may be overwritten by a subsequent request before the document is generated. This results in Cross-User Data Leakage, where the PDF generated for User A contains the JavaScript payload (and any embedded sensitive data) intended for User B. Typically, this only affects server-side environments, although the same race conditions might occur if jsPDF runs client-side. The vulnerability has been fixed in jsPDF@4.1.0.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/parallax/jsPDF/security/adviso… | x_refsource_CONFIRM |
| https://github.com/parallax/jsPDF/commit/2863e5c2… | x_refsource_MISC |
| https://github.com/parallax/jsPDF/releases/tag/v4.1.0 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24040",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-03T15:29:49.991694Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-03T15:30:05.465Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "jsPDF",
"vendor": "parallax",
"versions": [
{
"status": "affected",
"version": "\u003c 4.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, the addJS method in the jspdf Node.js build utilizes a shared module-scoped variable (text) to store JavaScript content. When used in a concurrent environment (e.g., a Node.js web server), this variable is shared across all requests. If multiple requests generate PDFs simultaneously, the JavaScript content intended for one user may be overwritten by a subsequent request before the document is generated. This results in Cross-User Data Leakage, where the PDF generated for User A contains the JavaScript payload (and any embedded sensitive data) intended for User B. Typically, this only affects server-side environments, although the same race conditions might occur if jsPDF runs client-side. The vulnerability has been fixed in jsPDF@4.1.0."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-02T20:38:24.732Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/parallax/jsPDF/security/advisories/GHSA-cjw8-79x6-5cj4",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/parallax/jsPDF/security/advisories/GHSA-cjw8-79x6-5cj4"
},
{
"name": "https://github.com/parallax/jsPDF/commit/2863e5c26afef211a545e8c174ab4d5fce3b8c0e",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/parallax/jsPDF/commit/2863e5c26afef211a545e8c174ab4d5fce3b8c0e"
},
{
"name": "https://github.com/parallax/jsPDF/releases/tag/v4.1.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/parallax/jsPDF/releases/tag/v4.1.0"
}
],
"source": {
"advisory": "GHSA-cjw8-79x6-5cj4",
"discovery": "UNKNOWN"
},
"title": "jsPDF has a Shared State Race Condition in addJS Plugin"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-24040",
"datePublished": "2026-02-02T20:38:24.732Z",
"dateReserved": "2026-01-20T22:30:11.777Z",
"dateUpdated": "2026-02-03T15:30:05.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24043 (GCVE-0-2026-24043)
Vulnerability from cvelistv5 – Published: 2026-02-02 20:34 – Updated: 2026-02-03 15:27
VLAI
EPSS
VEX
Title
jsPDF Affected by Stored XMP Metadata Injection (Spoofing & Integrity Violation)
Summary
jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of the first argument of the addMetadata function allows users to inject arbitrary XML. If given the possibility to pass unsanitized input to the addMetadata method, a user can inject arbitrary XMP metadata into the generated PDF. If the generated PDF is signed, stored or otherwise processed after, the integrity of the PDF can no longer be guaranteed. The vulnerability has been fixed in jsPDF@4.1.0.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/parallax/jsPDF/security/adviso… | x_refsource_CONFIRM |
| https://github.com/parallax/jsPDF/commit/efe54bf5… | x_refsource_MISC |
| https://github.com/parallax/jsPDF/releases/tag/v4.1.0 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24043",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-03T15:20:54.661574Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-03T15:27:51.282Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "jsPDF",
"vendor": "parallax",
"versions": [
{
"status": "affected",
"version": "\u003c 4.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of the first argument of the addMetadata function allows users to inject arbitrary XML. If given the possibility to pass unsanitized input to the addMetadata method, a user can inject arbitrary XMP metadata into the generated PDF. If the generated PDF is signed, stored or otherwise processed after, the integrity of the PDF can no longer be guaranteed. The vulnerability has been fixed in jsPDF@4.1.0."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-02T20:34:50.617Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/parallax/jsPDF/security/advisories/GHSA-vm32-vv63-w422",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/parallax/jsPDF/security/advisories/GHSA-vm32-vv63-w422"
},
{
"name": "https://github.com/parallax/jsPDF/commit/efe54bf50f3f5e5416b2495e3c24624fc80b6cff",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/parallax/jsPDF/commit/efe54bf50f3f5e5416b2495e3c24624fc80b6cff"
},
{
"name": "https://github.com/parallax/jsPDF/releases/tag/v4.1.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/parallax/jsPDF/releases/tag/v4.1.0"
}
],
"source": {
"advisory": "GHSA-vm32-vv63-w422",
"discovery": "UNKNOWN"
},
"title": "jsPDF Affected by Stored XMP Metadata Injection (Spoofing \u0026 Integrity Violation)"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-24043",
"datePublished": "2026-02-02T20:34:50.617Z",
"dateReserved": "2026-01-20T22:30:11.777Z",
"dateUpdated": "2026-02-03T15:27:51.282Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24133 (GCVE-0-2026-24133)
Vulnerability from cvelistv5 – Published: 2026-02-02 20:32 – Updated: 2026-02-03 15:17
VLAI
EPSS
VEX
Title
jsPDF Affected by Denial of Service (DoS) via Unvalidated BMP Dimensions in BMPDecoder
Summary
jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of the first argument of the addImage method results in denial of service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful BMP file that results in out of memory errors and denial of service. Harmful BMP files have large width and/or height entries in their headers, which lead to excessive memory allocation. The html method is also affected. The vulnerability has been fixed in jsPDF@4.1.0.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/parallax/jsPDF/security/adviso… | x_refsource_CONFIRM |
| https://github.com/parallax/jsPDF/commit/ae4b93f7… | x_refsource_MISC |
| https://github.com/parallax/jsPDF/releases/tag/v4.1.0 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24133",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-03T15:16:10.492386Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-03T15:17:40.830Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "jsPDF",
"vendor": "parallax",
"versions": [
{
"status": "affected",
"version": "\u003c 4.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of the first argument of the addImage method results in denial of service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful BMP file that results in out of memory errors and denial of service. Harmful BMP files have large width and/or height entries in their headers, which lead to excessive memory allocation. The html method is also affected. The vulnerability has been fixed in jsPDF@4.1.0."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-02T20:33:35.357Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/parallax/jsPDF/security/advisories/GHSA-95fx-jjr5-f39c",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/parallax/jsPDF/security/advisories/GHSA-95fx-jjr5-f39c"
},
{
"name": "https://github.com/parallax/jsPDF/commit/ae4b93f76d8fc1baa5614bd5fdb5d174c3b85f0d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/parallax/jsPDF/commit/ae4b93f76d8fc1baa5614bd5fdb5d174c3b85f0d"
},
{
"name": "https://github.com/parallax/jsPDF/releases/tag/v4.1.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/parallax/jsPDF/releases/tag/v4.1.0"
}
],
"source": {
"advisory": "GHSA-95fx-jjr5-f39c",
"discovery": "UNKNOWN"
},
"title": "jsPDF Affected by Denial of Service (DoS) via Unvalidated BMP Dimensions in BMPDecoder"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-24133",
"datePublished": "2026-02-02T20:32:37.631Z",
"dateReserved": "2026-01-21T18:38:22.474Z",
"dateUpdated": "2026-02-03T15:17:40.830Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24737 (GCVE-0-2026-24737)
Vulnerability from cvelistv5 – Published: 2026-02-02 20:29 – Updated: 2026-07-15 01:17
VLAI
EPSS
VEX
Title
jsPDF has a PDF Injection in AcroFormChoiceField which allows Arbitrary JavaScript Execution
Summary
jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of properties and methods of the Acroform module allows users to inject arbitrary PDF objects, such as JavaScript actions. If given the possibility to pass unsanitized input to one of the following methods or properties, a user can inject arbitrary PDF objects, such as JavaScript actions, which are executed when the victim opens the document. The vulnerable API members are AcroformChoiceField.addOption, AcroformChoiceField.setOptions, AcroFormCheckBox.appearanceState, and AcroFormRadioButton.appearanceState. The vulnerability has been fixed in jsPDF@4.1.0.
Severity
8.1 (High)
8.3 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://github.com/parallax/jsPDF/security/adviso… | x_refsource_CONFIRM |
| https://github.com/parallax/jsPDF/commit/da291a5f… | x_refsource_MISC |
| https://github.com/parallax/jsPDF/releases/tag/v4.1.0 | x_refsource_MISC |
| https://access.redhat.com/security/cve/CVE-2026-24737 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2436115 | issue-trackingx_refsource_REDHAT |
| https://security.access.redhat.com/data/csaf/v2/v… | x_sadp-csaf-vex |
| https://access.redhat.com/errata/RHSA-2026:4466 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:4467 | vendor-advisoryx_refsource_REDHAT |
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| parallax | jsPDF |
Affected:
< 4.1.0
|
|
| Red Hat | Red Hat Advanced Cluster Security for Kubernetes 4.8 |
Unaffected:
1773235880 , < *
(rpm)
cpe:/a:redhat:advanced_cluster_security:4.8::el8 |
|
| Red Hat | Red Hat Advanced Cluster Security for Kubernetes 4.9 |
Unaffected:
1773235860 , < *
(rpm)
cpe:/a:redhat:advanced_cluster_security:4.9::el8 |
|
| Red Hat | Red Hat Advanced Cluster Security 4 |
cpe:/a:redhat:advanced_cluster_security:4 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24737",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-03T15:07:06.608038Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-03T15:07:51.844Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.8::el8"
],
"defaultStatus": "affected",
"packageName": "advanced-cluster-security/rhacs-main-rhel8",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1773235880",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.9::el8"
],
"defaultStatus": "affected",
"packageName": "advanced-cluster-security/rhacs-main-rhel8",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1773235860",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-rhel8-operator",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-roxctl-rhel8",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-scanner-v4-rhel8",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
}
],
"datePublic": "2026-02-02T20:29:05.011Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in jsPDF, a JavaScript library for generating PDFs. A remote attacker could exploit this vulnerability by providing unsanitized input to specific methods within the Acroform module, such as AcroformChoiceField.addOption or AcroFormCheckBox.appearanceState. This allows the attacker to inject arbitrary PDF objects, including JavaScript actions, which are then executed when a victim opens the crafted PDF document, leading to arbitrary code execution."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-917",
"description": "Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T01:17:03.129Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-24737"
},
{
"name": "RHBZ#2436115",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436115"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-24737.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4466"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4467"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:4466: Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"lang": "en",
"value": "RHSA-2026:4467: Red Hat Advanced Cluster Security for Kubernetes 4.9"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-02-03T00:01:51.004Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-02-02T20:29:05.011Z",
"value": "Made public."
}
],
"title": "jsPDF: jsPDF: Arbitrary code execution via unsanitized input in Acroform module",
"workarounds": [
{
"lang": "en",
"value": "To mitigate this vulnerability, avoid processing untrusted or unverified PDF documents with applications utilizing the jsPDF library. Ensure that any input provided to jsPDF\u0027s AcroForm methods and properties is properly sanitized to prevent the injection of arbitrary PDF objects and JavaScript actions. This operational control reduces the risk of arbitrary JavaScript execution."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"product": "jsPDF",
"vendor": "parallax",
"versions": [
{
"status": "affected",
"version": "\u003c 4.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of properties and methods of the Acroform module allows users to inject arbitrary PDF objects, such as JavaScript actions. If given the possibility to pass unsanitized input to one of the following methods or properties, a user can inject arbitrary PDF objects, such as JavaScript actions, which are executed when the victim opens the document. The vulnerable API members are AcroformChoiceField.addOption, AcroformChoiceField.setOptions, AcroFormCheckBox.appearanceState, and AcroFormRadioButton.appearanceState. The vulnerability has been fixed in jsPDF@4.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-116",
"description": "CWE-116: Improper Encoding or Escaping of Output",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-02T20:29:05.011Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/parallax/jsPDF/security/advisories/GHSA-pqxr-3g65-p328",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/parallax/jsPDF/security/advisories/GHSA-pqxr-3g65-p328"
},
{
"name": "https://github.com/parallax/jsPDF/commit/da291a5f01b96282545c9391996702cdb8879f79",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/parallax/jsPDF/commit/da291a5f01b96282545c9391996702cdb8879f79"
},
{
"name": "https://github.com/parallax/jsPDF/releases/tag/v4.1.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/parallax/jsPDF/releases/tag/v4.1.0"
}
],
"source": {
"advisory": "GHSA-pqxr-3g65-p328",
"discovery": "UNKNOWN"
},
"title": "jsPDF has a PDF Injection in AcroFormChoiceField which allows Arbitrary JavaScript Execution"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-24737",
"datePublished": "2026-02-02T20:29:05.011Z",
"dateReserved": "2026-01-26T19:06:16.059Z",
"dateUpdated": "2026-07-15T01:17:03.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25639 (GCVE-0-2026-25639)
Vulnerability from cvelistv5 – Published: 2026-02-09 20:11 – Updated: 2026-07-15 01:16
VLAI
EPSS
VEX
Title
Axios affected by Denial of Service via __proto__ Key in mergeConfig
Summary
Axios is a promise based HTTP client for the browser and Node.js. Prior to versions 0.30.3 and 1.13.5, the mergeConfig function in axios crashes with a TypeError when processing configuration objects containing __proto__ as an own property. An attacker can trigger this by providing a malicious configuration object created via JSON.parse(), causing complete denial of service. This vulnerability is fixed in versions 0.30.3 and 1.13.5.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
49 references
Impacted products
78 products
| Vendor | Product | Version | |
|---|---|---|---|
| axios | axios |
Affected:
>= 1.0.0, < 1.13.5
Affected: < 0.30.3 |
|
| Red Hat | Red Hat Ansible Automation Platform 2.6 for RHEL 9 |
Unaffected:
0:2.6.7-1.el9ap , < *
(rpm)
cpe:/a:redhat:ansible_automation_platform:2.6::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.10 |
Unaffected:
1777128790 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.10::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.6 |
Unaffected:
1776223790 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.6::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.7 |
Unaffected:
1773100128 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.7::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.8 |
Unaffected:
1775116156 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.8::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.9 |
Unaffected:
1777301444 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.9::el9 |
|
| Red Hat | Network Observability (NETOBSERV) 1.11.2 |
Unaffected:
1774431392 , < *
(rpm)
cpe:/a:redhat:network_observ_optr:1.11::el9 |
|
| Red Hat | Network Observability (NETOBSERV) 1.11.2 |
Unaffected:
1774431617 , < *
(rpm)
cpe:/a:redhat:network_observ_optr:1.11::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.12 |
Unaffected:
1773259174 , < *
(rpm)
cpe:/a:redhat:acm:2.12::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.13 |
Unaffected:
1775116130 , < *
(rpm)
cpe:/a:redhat:acm:2.13::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.14 |
Unaffected:
1783451729 , < *
(rpm)
cpe:/a:redhat:acm:2.14::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.15 |
Unaffected:
1776927126 , < *
(rpm)
cpe:/a:redhat:acm:2.15::el9 |
|
| Red Hat | Red Hat Ansible Automation Platform 2.5 |
Unaffected:
1774446874 , < *
(rpm)
cpe:/a:redhat:ansible_automation_platform:2.5::el8 |
|
| Red Hat | Red Hat Ansible Automation Platform 2.6 |
Unaffected:
1774243862 , < *
(rpm)
cpe:/a:redhat:ansible_automation_platform:2.6::el9 |
|
| Red Hat | Red Hat Ansible Automation Platform 2.6 |
Unaffected:
1774363040 , < *
(rpm)
cpe:/a:redhat:ansible_automation_platform:2.6::el9 |
|
| Red Hat | Red Hat Developer Hub 1.8 |
Unaffected:
1774545605 , < *
(rpm)
cpe:/a:redhat:rhdh:1.8::el9 |
|
| Red Hat | Red Hat Developer Hub 1.9 |
Unaffected:
1775140647 , < *
(rpm)
cpe:/a:redhat:rhdh:1.9::el9 |
|
| Red Hat | Red Hat Discovery 2 |
Unaffected:
1770913709 , < *
(rpm)
cpe:/a:redhat:discovery:2::el9 |
|
| Red Hat | Red Hat Migration Toolkit 1.8 |
Unaffected:
1780590717 , < *
(rpm)
cpe:/a:redhat:rhmt:1.8::el8 |
|
| Red Hat | Red Hat OpenShift AI 2.16 |
Unaffected:
1774282136 , < *
(rpm)
cpe:/a:redhat:openshift_ai:2.16::el8 |
|
| Red Hat | Red Hat OpenShift AI 2.25 |
Unaffected:
1776742021 , < *
(rpm)
cpe:/a:redhat:openshift_ai:2.25::el9 |
|
| Red Hat | Red Hat OpenShift AI 2.25 |
Unaffected:
1776742141 , < *
(rpm)
cpe:/a:redhat:openshift_ai:2.25::el9 |
|
| Red Hat | Red Hat OpenShift AI 3.3 |
Unaffected:
1779189627 , < *
(rpm)
cpe:/a:redhat:openshift_ai:3.3::el9 |
|
| Red Hat | Red Hat OpenShift AI 3.3 |
Unaffected:
1778473763 , < *
(rpm)
cpe:/a:redhat:openshift_ai:3.3::el9 |
|
| Red Hat | Red Hat OpenShift AI 3.3 |
Unaffected:
1778666987 , < *
(rpm)
cpe:/a:redhat:openshift_ai:3.3::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.19 |
Unaffected:
1775577192 , < *
(rpm)
cpe:/a:redhat:openshift:4.19::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.20 |
Unaffected:
1773746857 , < *
(rpm)
cpe:/a:redhat:openshift:4.20::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.21 |
Unaffected:
1773849532 , < *
(rpm)
cpe:/a:redhat:openshift:4.21::el9 |
|
| Red Hat | Red Hat OpenShift Dev Spaces 3.27 |
Unaffected:
1774448966 , < *
(rpm)
cpe:/a:redhat:openshift_devspaces:3.27::el9 |
|
| Red Hat | Red Hat OpenShift Dev Spaces 3.27 |
Unaffected:
1774476526 , < *
(rpm)
cpe:/a:redhat:openshift_devspaces:3.27::el9 |
|
| Red Hat | Red Hat OpenShift Dev Spaces 3.27 |
Unaffected:
1774227265 , < *
(rpm)
cpe:/a:redhat:openshift_devspaces:3.27::el9 |
|
| Red Hat | Red Hat OpenShift Pipelines 1.21 |
Unaffected:
1774871390 , < *
(rpm)
cpe:/a:redhat:openshift_pipelines:1.21::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 2.6 |
Unaffected:
1771229736 , < *
(rpm)
cpe:/a:redhat:service_mesh:2.6::el8 |
|
| Red Hat | Red Hat OpenShift Service Mesh 2.6 |
Unaffected:
1771230055 , < *
(rpm)
cpe:/a:redhat:service_mesh:2.6::el8 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3 |
Unaffected:
1771372940 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.0::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3 |
Unaffected:
1771373071 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.0::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.1 |
Unaffected:
1771372942 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.1::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.1 |
Unaffected:
1771385160 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.1::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.2 |
Unaffected:
1771229583 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.2::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.2 |
Unaffected:
1771385315 , < *
(rpm)
cpe:/a:redhat:service_mesh:3.2::el9 |
|
| Red Hat | Red Hat Quay 3.10 |
Unaffected:
1773971077 , < *
(rpm)
cpe:/a:redhat:quay:3.10::el8 |
|
| Red Hat | Red Hat Quay 3.12 |
Unaffected:
1773771962 , < *
(rpm)
cpe:/a:redhat:quay:3.12::el8 |
|
| Red Hat | Red Hat Quay 3.15 |
Unaffected:
1775169219 , < *
(rpm)
cpe:/a:redhat:quay:3.15::el8 |
|
| Red Hat | Red Hat Quay 3.16 |
Unaffected:
1775069491 , < *
(rpm)
Unaffected: 1775169226 , < * (rpm) cpe:/a:redhat:quay:3.16::el9 |
|
| Red Hat | Red Hat Quay 3.9 |
Unaffected:
1773936323 , < *
(rpm)
cpe:/a:redhat:quay:3.9::el8 |
|
| Red Hat | Red Hat Satellite 6.18 |
Unaffected:
1776250950 , < *
(rpm)
cpe:/a:redhat:satellite:6.18::el9 |
|
| Red Hat | Red Hat Satellite 6.18 |
Unaffected:
1776216284 , < *
(rpm)
cpe:/a:redhat:satellite:6.18::el9 |
|
| Red Hat | Red Hat Satellite 6.18 |
Unaffected:
1776269713 , < *
(rpm)
cpe:/a:redhat:satellite:6.18::el9 |
|
| Red Hat | Red Hat Trusted Artifact Signer 1.3 |
Unaffected:
1771324807 , < *
(rpm)
cpe:/a:redhat:trusted_artifact_signer:1.3::el9 |
|
| Red Hat | Cryostat 4 |
cpe:/a:redhat:cryostat:4 |
|
| Red Hat | Gatekeeper 3 |
cpe:/a:redhat:gatekeeper:3 |
|
| Red Hat | Logging Subsystem for Red Hat OpenShift |
cpe:/a:redhat:logging:5 |
|
| Red Hat | Migration Toolkit for Applications 8 |
cpe:/a:redhat:migration_toolkit_applications:8 |
|
| Red Hat | OpenShift Pipelines |
cpe:/a:redhat:openshift_pipelines:1 |
|
| Red Hat | OpenShift Service Mesh 3 |
cpe:/a:redhat:service_mesh:3 |
|
| Red Hat | Red Hat 3scale API Management Platform 2 |
cpe:/a:redhat:red_hat_3scale_amp:2 |
|
| Red Hat | Red Hat Advanced Cluster Security 4 |
cpe:/a:redhat:advanced_cluster_security:4 |
|
| Red Hat | Red Hat Ansible Automation Platform 2 |
cpe:/a:redhat:ansible_automation_platform:2 |
|
| Red Hat | Red Hat build of Apache Camel - HawtIO 4 |
cpe:/a:redhat:apache_camel_hawtio:4 |
|
| Red Hat | Red Hat build of Apicurio Registry 2 |
cpe:/a:redhat:service_registry:2 |
|
| Red Hat | Red Hat Build of Kueue |
cpe:/a:redhat:kueue_operator:1 |
|
| Red Hat | Red Hat Build of Podman Desktop - Tech Preview |
cpe:/a:redhat:podman_desktop:0 |
|
| Red Hat | Red Hat Data Grid 8 |
cpe:/a:redhat:jboss_data_grid:8 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat Enterprise Linux AI (RHEL AI) 3 |
cpe:/a:redhat:enterprise_linux_ai:3 |
|
| Red Hat | Red Hat Fuse 7 |
cpe:/a:redhat:jboss_fuse:7 |
|
| Red Hat | Red Hat OpenShift AI (RHOAI) |
cpe:/a:redhat:openshift_ai |
|
| Red Hat | Red Hat OpenShift Container Platform 4 |
cpe:/a:redhat:openshift:4 |
|
| Red Hat | Red Hat OpenShift Dev Spaces |
cpe:/a:redhat:openshift_devspaces:3 |
|
| Red Hat | Red Hat OpenShift Virtualization 4 |
cpe:/a:redhat:container_native_virtualization:4 |
|
| Red Hat | Red Hat Process Automation 7 |
cpe:/a:redhat:jboss_enterprise_bpms_platform:7 |
|
| Red Hat | Red Hat Trusted Artifact Signer |
cpe:/a:redhat:trusted_artifact_signer:1 |
|
| Red Hat | Red Hat Trusted Profile Analyzer |
cpe:/a:redhat:trusted_profile_analyzer:2 |
|
| Red Hat | Self-service automation portal 2 |
cpe:/a:redhat:ansible_portal:2 |
|
| Red Hat | streams for Apache Kafka 2 |
cpe:/a:redhat:amq_streams:2 |
|
| Red Hat | streams for Apache Kafka 3 |
cpe:/a:redhat:amq_streams:3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25639",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T15:39:46.394625Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T15:59:44.468Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.6::el9"
],
"defaultStatus": "affected",
"packageName": "automation-platform-ui",
"product": "Red Hat Ansible Automation Platform 2.6 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.6.7-1.el9ap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.10::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/console-mce-rhel9",
"product": "multicluster engine for Kubernetes 2.10",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1777128790",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.6::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/console-mce-rhel9",
"product": "multicluster engine for Kubernetes 2.6",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1776223790",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.7::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/console-mce-rhel9",
"product": "multicluster engine for Kubernetes 2.7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1773100128",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.8::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/console-mce-rhel9",
"product": "multicluster engine for Kubernetes 2.8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1775116156",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.9::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/console-mce-rhel9",
"product": "multicluster engine for Kubernetes 2.9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1777301444",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:network_observ_optr:1.11::el9"
],
"defaultStatus": "affected",
"packageName": "network-observability/network-observability-console-plugin-compat-rhel9",
"product": "Network Observability (NETOBSERV) 1.11.2",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1774431392",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:network_observ_optr:1.11::el9"
],
"defaultStatus": "affected",
"packageName": "network-observability/network-observability-console-plugin-rhel9",
"product": "Network Observability (NETOBSERV) 1.11.2",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1774431617",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.12::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/console-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.12",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1773259174",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.13::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/console-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.13",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1775116130",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.14::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/console-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1783451729",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.15::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/console-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1776927126",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.5::el8"
],
"defaultStatus": "affected",
"packageName": "ansible-automation-platform-25/lightspeed-rhel8",
"product": "Red Hat Ansible Automation Platform 2.5",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1774446874",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.6::el9"
],
"defaultStatus": "affected",
"packageName": "ansible-automation-platform-26/gateway-rhel9",
"product": "Red Hat Ansible Automation Platform 2.6",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1774243862",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.6::el9"
],
"defaultStatus": "affected",
"packageName": "ansible-automation-platform-26/lightspeed-rhel9",
"product": "Red Hat Ansible Automation Platform 2.6",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1774363040",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:rhdh:1.8::el9"
],
"defaultStatus": "affected",
"packageName": "rhdh/rhdh-hub-rhel9",
"product": "Red Hat Developer Hub 1.8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1774545605",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:rhdh:1.9::el9"
],
"defaultStatus": "affected",
"packageName": "rhdh/rhdh-hub-rhel9",
"product": "Red Hat Developer Hub 1.9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1775140647",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:discovery:2::el9"
],
"defaultStatus": "affected",
"packageName": "discovery/discovery-ui-rhel9",
"product": "Red Hat Discovery 2",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1770913709",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:rhmt:1.8::el8"
],
"defaultStatus": "affected",
"packageName": "rhmtc/openshift-migration-ui-rhel8",
"product": "Red Hat Migration Toolkit 1.8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1780590717",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_ai:2.16::el8"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-dashboard-rhel8",
"product": "Red Hat OpenShift AI 2.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1774282136",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_ai:2.25::el9"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-dashboard-rhel9",
"product": "Red Hat OpenShift AI 2.25",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1776742021",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_ai:2.25::el9"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-mod-arch-model-registry-rhel9",
"product": "Red Hat OpenShift AI 2.25",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1776742141",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_ai:3.3::el9"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-dashboard-rhel9",
"product": "Red Hat OpenShift AI 3.3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1779189627",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_ai:3.3::el9"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-mod-arch-gen-ai-rhel9",
"product": "Red Hat OpenShift AI 3.3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1778473763",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_ai:3.3::el9"
],
"defaultStatus": "affected",
"packageName": "rhoai/odh-mod-arch-model-registry-rhel9",
"product": "Red Hat OpenShift AI 3.3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1778666987",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.19::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-monitoring-plugin-rhel9",
"product": "Red Hat OpenShift Container Platform 4.19",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1775577192",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.20::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-monitoring-plugin-rhel9",
"product": "Red Hat OpenShift Container Platform 4.20",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1773746857",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.21::el9"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-monitoring-plugin-rhel9",
"product": "Red Hat OpenShift Container Platform 4.21",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1773849532",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3.27::el9"
],
"defaultStatus": "affected",
"packageName": "devspaces/code-rhel9",
"product": "Red Hat OpenShift Dev Spaces 3.27",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1774448966",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3.27::el9"
],
"defaultStatus": "affected",
"packageName": "devspaces/dashboard-rhel9",
"product": "Red Hat OpenShift Dev Spaces 3.27",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1774476526",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3.27::el9"
],
"defaultStatus": "affected",
"packageName": "devspaces/traefik-rhel9",
"product": "Red Hat OpenShift Dev Spaces 3.27",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1774227265",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1.21::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-pipelines/pipelines-operator-bundle",
"product": "Red Hat OpenShift Pipelines 1.21",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1774871390",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:2.6::el8"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/kiali-ossmc-rhel8",
"product": "Red Hat OpenShift Service Mesh 2.6",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1771229736",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:2.6::el8"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/kiali-rhel8",
"product": "Red Hat OpenShift Service Mesh 2.6",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1771230055",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.0::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/kiali-ossmc-rhel9",
"product": "Red Hat OpenShift Service Mesh 3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1771372940",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.0::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/kiali-rhel9",
"product": "Red Hat OpenShift Service Mesh 3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1771373071",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.1::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/kiali-ossmc-rhel9",
"product": "Red Hat OpenShift Service Mesh 3.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1771372942",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.1::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/kiali-rhel9",
"product": "Red Hat OpenShift Service Mesh 3.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1771385160",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.2::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/kiali-ossmc-rhel9",
"product": "Red Hat OpenShift Service Mesh 3.2",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1771229583",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:service_mesh:3.2::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-service-mesh/kiali-rhel9",
"product": "Red Hat OpenShift Service Mesh 3.2",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1771385315",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:quay:3.10::el8"
],
"defaultStatus": "affected",
"packageName": "quay/quay-rhel8",
"product": "Red Hat Quay 3.10",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1773971077",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:quay:3.12::el8"
],
"defaultStatus": "affected",
"packageName": "quay/quay-rhel8",
"product": "Red Hat Quay 3.12",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1773771962",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:quay:3.15::el8"
],
"defaultStatus": "affected",
"packageName": "quay/quay-rhel8",
"product": "Red Hat Quay 3.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1775169219",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:quay:3.16::el9"
],
"defaultStatus": "affected",
"packageName": "quay/quay-rhel9",
"product": "Red Hat Quay 3.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1775069491",
"versionType": "rpm"
},
{
"lessThan": "*",
"status": "unaffected",
"version": "1775169226",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:quay:3.9::el8"
],
"defaultStatus": "affected",
"packageName": "quay/quay-rhel8",
"product": "Red Hat Quay 3.9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1773936323",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:satellite:6.18::el9"
],
"defaultStatus": "affected",
"packageName": "satellite/iop-advisor-frontend-rhel9",
"product": "Red Hat Satellite 6.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1776250950",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:satellite:6.18::el9"
],
"defaultStatus": "affected",
"packageName": "satellite/iop-host-inventory-frontend-rhel9",
"product": "Red Hat Satellite 6.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1776216284",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:satellite:6.18::el9"
],
"defaultStatus": "affected",
"packageName": "satellite/iop-vulnerability-frontend-rhel9",
"product": "Red Hat Satellite 6.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1776269713",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1.3::el9"
],
"defaultStatus": "affected",
"packageName": "rhtas/rhtas-console-ui-rhel9",
"product": "Red Hat Trusted Artifact Signer 1.3",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1771324807",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:cryostat:4"
],
"defaultStatus": "unaffected",
"packageName": "io.cryostat-cryostat",
"product": "Cryostat 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:gatekeeper:3"
],
"defaultStatus": "unaffected",
"packageName": "gatekeeper/gatekeeper-rhel9",
"product": "Gatekeeper 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:logging:5"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/elasticsearch6-rhel9",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:logging:5"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/elasticsearch-operator-bundle",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:logging:5"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/elasticsearch-proxy-rhel9",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:logging:5"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/elasticsearch-rhel9-operator",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:logging:5"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/kibana6-rhel8",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:logging:5"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/logging-curator5-rhel9",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:migration_toolkit_applications:8"
],
"defaultStatus": "affected",
"packageName": "mta/mta-ui-rhel9",
"product": "Migration Toolkit for Applications 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "affected",
"packageName": "openshift-pipelines/pipelines-hub-api-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "affected",
"packageName": "openshift-pipelines/pipelines-hub-db-migration-rhel8",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "affected",
"packageName": "openshift-pipelines/pipelines-hub-ui-rhel9",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_mesh:3"
],
"defaultStatus": "unaffected",
"packageName": "openshift-service-mesh/kiali-operator-bundle",
"product": "OpenShift Service Mesh 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_mesh:3"
],
"defaultStatus": "unaffected",
"packageName": "openshift-service-mesh/kiali-rhel9-operator",
"product": "OpenShift Service Mesh 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:red_hat_3scale_amp:2"
],
"defaultStatus": "affected",
"packageName": "3scale-amp20/system",
"product": "Red Hat 3scale API Management Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:red_hat_3scale_amp:2"
],
"defaultStatus": "affected",
"packageName": "3scale-amp21/system",
"product": "Red Hat 3scale API Management Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:red_hat_3scale_amp:2"
],
"defaultStatus": "affected",
"packageName": "3scale-amp22/system",
"product": "Red Hat 3scale API Management Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:red_hat_3scale_amp:2"
],
"defaultStatus": "affected",
"packageName": "3scale-amp24/system",
"product": "Red Hat 3scale API Management Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:red_hat_3scale_amp:2"
],
"defaultStatus": "affected",
"packageName": "3scale-amp25/system",
"product": "Red Hat 3scale API Management Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:red_hat_3scale_amp:2"
],
"defaultStatus": "affected",
"packageName": "3scale-amp26/system",
"product": "Red Hat 3scale API Management Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:red_hat_3scale_amp:2"
],
"defaultStatus": "affected",
"packageName": "3scale-amp2/system-rhel7",
"product": "Red Hat 3scale API Management Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:red_hat_3scale_amp:2"
],
"defaultStatus": "affected",
"packageName": "3scale-amp2/system-rhel8",
"product": "Red Hat 3scale API Management Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:red_hat_3scale_amp:2"
],
"defaultStatus": "affected",
"packageName": "3scale-amp2/system-rhel9",
"product": "Red Hat 3scale API Management Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-main-rhel8",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "affected",
"packageName": "ansible-automation-platform/automation-dashboard-rhel9",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "affected",
"packageName": "ansible-automation-platform-tech-preview/automation-dashboard-rhel9",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "automation-controller",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "automation-gateway",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "automation-hub",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "python3.11-galaxy-ng",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "python3x-galaxy-ng",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "python-galaxy-ng",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:apache_camel_hawtio:4"
],
"defaultStatus": "unaffected",
"packageName": "io.hawt-project",
"product": "Red Hat build of Apache Camel - HawtIO 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_registry:2"
],
"defaultStatus": "affected",
"packageName": "io.apicurio-apicurio-registry",
"product": "Red Hat build of Apicurio Registry 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:kueue_operator:1"
],
"defaultStatus": "unaffected",
"packageName": "kueue/kueue-must-gather-rhel9",
"product": "Red Hat Build of Kueue",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:kueue_operator:1"
],
"defaultStatus": "unaffected",
"packageName": "kueue/kueue-operator-bundle",
"product": "Red Hat Build of Kueue",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:kueue_operator:1"
],
"defaultStatus": "unaffected",
"packageName": "kueue/kueue-rhel9",
"product": "Red Hat Build of Kueue",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:kueue_operator:1"
],
"defaultStatus": "unaffected",
"packageName": "kueue/kueue-rhel9-operator",
"product": "Red Hat Build of Kueue",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:podman_desktop:0"
],
"defaultStatus": "affected",
"packageName": "rhdesktop/rh-podman-desktop-ext-openshift-local-rhel10",
"product": "Red Hat Build of Podman Desktop - Tech Preview",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_data_grid:8"
],
"defaultStatus": "unaffected",
"packageName": "org.infinispan-infinispan-console",
"product": "Red Hat Data Grid 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "grafana",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "grafana",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux_ai:3"
],
"defaultStatus": "affected",
"packageName": "rhelai3/bootc-cuda-rhel9",
"product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux_ai:3"
],
"defaultStatus": "affected",
"packageName": "rhelai3/disk-image-cuda-rhel9",
"product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_fuse:7"
],
"defaultStatus": "affected",
"packageName": "io.apicurio-apicurito",
"product": "Red Hat Fuse 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-kf-notebook-controller-rhel8",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"packageName": "rhoai/odh-notebook-controller-rhel8",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-agent-installer-ui-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-console",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ose-console-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3"
],
"defaultStatus": "unaffected",
"packageName": "devspaces/code-sshd-rhel9",
"product": "Red Hat OpenShift Dev Spaces",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/kubevirt-console-plugin",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/kubevirt-console-plugin-rhel9",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
],
"defaultStatus": "unaffected",
"packageName": "org.kie-process-migration-service",
"product": "Red Hat Process Automation 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1"
],
"defaultStatus": "unaffected",
"packageName": "rhtas/createtree-rhel9",
"product": "Red Hat Trusted Artifact Signer",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1"
],
"defaultStatus": "unaffected",
"packageName": "rhtas/trillian-database-rhel9",
"product": "Red Hat Trusted Artifact Signer",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1"
],
"defaultStatus": "unaffected",
"packageName": "rhtas/trillian-logserver-rhel9",
"product": "Red Hat Trusted Artifact Signer",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1"
],
"defaultStatus": "unaffected",
"packageName": "rhtas/trillian-logsigner-rhel9",
"product": "Red Hat Trusted Artifact Signer",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1"
],
"defaultStatus": "unaffected",
"packageName": "rhtas/trillian-redis-rhel9",
"product": "Red Hat Trusted Artifact Signer",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1"
],
"defaultStatus": "unaffected",
"packageName": "rhtas/updatetree-rhel9",
"product": "Red Hat Trusted Artifact Signer",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:trusted_profile_analyzer:2"
],
"defaultStatus": "affected",
"packageName": "rhtpa/rhtpa-trustification-service-rhel9",
"product": "Red Hat Trusted Profile Analyzer",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_portal:2"
],
"defaultStatus": "affected",
"packageName": "ansible-automation-platform/automation-portal",
"product": "Self-service automation portal 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:amq_streams:2"
],
"defaultStatus": "unaffected",
"packageName": "com.github.streamshub-console",
"product": "streams for Apache Kafka 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:amq_streams:3"
],
"defaultStatus": "affected",
"packageName": "com.github.streamshub-console",
"product": "streams for Apache Kafka 3",
"vendor": "Red Hat"
}
],
"datePublic": "2026-02-09T20:11:22.374Z",
"descriptions": [
{
"lang": "en",
"value": "A denial of service flaw has been discovered in the Axios npm package. the mergeConfig function in axios crashes with a TypeError when processing configuration objects containing __proto__ as an own property. An attacker can trigger this by providing a malicious configuration object created via JSON.parse(), causing complete denial of service."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1287",
"description": "Improper Validation of Specified Type of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T01:16:13.507Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-25639"
},
{
"name": "RHBZ#2438237",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438237"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-25639.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6277"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6428"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5633"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8229"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36882"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13548"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6308"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6309"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6174"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6802"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2694"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25041"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10184"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19712"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7249"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5142"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5174"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6192"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6170"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3107"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3105"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3109"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3106"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5665"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4942"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6568"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6497"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6567"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5168"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8499"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8500"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8501"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3087"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13542"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9848"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5636"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8218"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11414"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:6277: Red Hat Ansible Automation Platform 2.6 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:6428: Network Observability (NETOBSERV) 1.11.2"
},
{
"lang": "en",
"value": "RHSA-2026:5633: Red Hat Advanced Cluster Management for Kubernetes 2.12"
},
{
"lang": "en",
"value": "RHSA-2026:8229: Red Hat Advanced Cluster Management for Kubernetes 2.13"
},
{
"lang": "en",
"value": "RHSA-2026:36882: Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"lang": "en",
"value": "RHSA-2026:13548: Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"lang": "en",
"value": "RHSA-2026:6308: Red Hat Ansible Automation Platform 2.5"
},
{
"lang": "en",
"value": "RHSA-2026:6309: Red Hat Ansible Automation Platform 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:6174: Red Hat Developer Hub 1.8"
},
{
"lang": "en",
"value": "RHSA-2026:6802: Red Hat Developer Hub 1.9"
},
{
"lang": "en",
"value": "RHSA-2026:2694: Red Hat Discovery 2"
},
{
"lang": "en",
"value": "RHSA-2026:25041: Red Hat Migration Toolkit 1.8"
},
{
"lang": "en",
"value": "RHSA-2026:5807: Red Hat OpenShift AI 2.16"
},
{
"lang": "en",
"value": "RHSA-2026:10184: Red Hat OpenShift AI 2.25"
},
{
"lang": "en",
"value": "RHSA-2026:19712: Red Hat OpenShift AI 3.3"
},
{
"lang": "en",
"value": "RHSA-2026:7249: Red Hat OpenShift Container Platform 4.19"
},
{
"lang": "en",
"value": "RHSA-2026:5142: Red Hat OpenShift Container Platform 4.20"
},
{
"lang": "en",
"value": "RHSA-2026:5174: Red Hat OpenShift Container Platform 4.21"
},
{
"lang": "en",
"value": "RHSA-2026:6192: Red Hat OpenShift Dev Spaces 3.27"
},
{
"lang": "en",
"value": "RHSA-2026:6170: Red Hat OpenShift Pipelines 1.21"
},
{
"lang": "en",
"value": "RHSA-2026:3107: Red Hat OpenShift Service Mesh 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:3105: Red Hat OpenShift Service Mesh 3.1"
},
{
"lang": "en",
"value": "RHSA-2026:3109: Red Hat OpenShift Service Mesh 3.2"
},
{
"lang": "en",
"value": "RHSA-2026:3106: Red Hat OpenShift Service Mesh 3"
},
{
"lang": "en",
"value": "RHSA-2026:5665: Red Hat Quay 3.10"
},
{
"lang": "en",
"value": "RHSA-2026:4942: Red Hat Quay 3.12"
},
{
"lang": "en",
"value": "RHSA-2026:6568: Red Hat Quay 3.15"
},
{
"lang": "en",
"value": "RHSA-2026:6497: Red Hat Quay 3.16"
},
{
"lang": "en",
"value": "RHSA-2026:6567: Red Hat Quay 3.16"
},
{
"lang": "en",
"value": "RHSA-2026:5168: Red Hat Quay 3.9"
},
{
"lang": "en",
"value": "RHSA-2026:8499: Red Hat Satellite 6.18"
},
{
"lang": "en",
"value": "RHSA-2026:8500: Red Hat Satellite 6.18"
},
{
"lang": "en",
"value": "RHSA-2026:8501: Red Hat Satellite 6.18"
},
{
"lang": "en",
"value": "RHSA-2026:3087: Red Hat Trusted Artifact Signer 1.3"
},
{
"lang": "en",
"value": "RHSA-2026:13542: multicluster engine for Kubernetes 2.10"
},
{
"lang": "en",
"value": "RHSA-2026:9848: multicluster engine for Kubernetes 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:5636: multicluster engine for Kubernetes 2.7"
},
{
"lang": "en",
"value": "RHSA-2026:8218: multicluster engine for Kubernetes 2.8"
},
{
"lang": "en",
"value": "RHSA-2026:11414: multicluster engine for Kubernetes 2.9"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-02-09T21:00:49.280Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-02-09T20:11:22.374Z",
"value": "Made public."
}
],
"title": "axios: Axios affected by Denial of Service via __proto__ Key in mergeConfig",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"product": "axios",
"vendor": "axios",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.0.0, \u003c 1.13.5"
},
{
"status": "affected",
"version": "\u003c 0.30.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Axios is a promise based HTTP client for the browser and Node.js. Prior to versions 0.30.3 and 1.13.5, the mergeConfig function in axios crashes with a TypeError when processing configuration objects containing __proto__ as an own property. An attacker can trigger this by providing a malicious configuration object created via JSON.parse(), causing complete denial of service. This vulnerability is fixed in versions 0.30.3 and 1.13.5."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-18T17:16:16.391Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/axios/axios/security/advisories/GHSA-43fc-jf86-j433",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/axios/axios/security/advisories/GHSA-43fc-jf86-j433"
},
{
"name": "https://github.com/axios/axios/pull/7369",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/axios/axios/pull/7369"
},
{
"name": "https://github.com/axios/axios/pull/7388",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/axios/axios/pull/7388"
},
{
"name": "https://github.com/axios/axios/commit/28c721588c7a77e7503d0a434e016f852c597b57",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/axios/axios/commit/28c721588c7a77e7503d0a434e016f852c597b57"
},
{
"name": "https://github.com/axios/axios/commit/d7ff1409c68168d3057fc3891f911b2b92616f9e",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/axios/axios/commit/d7ff1409c68168d3057fc3891f911b2b92616f9e"
},
{
"name": "https://github.com/axios/axios/releases/tag/v0.30.3",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/axios/axios/releases/tag/v0.30.3"
},
{
"name": "https://github.com/axios/axios/releases/tag/v1.13.5",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/axios/axios/releases/tag/v1.13.5"
}
],
"source": {
"advisory": "GHSA-43fc-jf86-j433",
"discovery": "UNKNOWN"
},
"title": "Axios affected by Denial of Service via __proto__ Key in mergeConfig"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-25639",
"datePublished": "2026-02-09T20:11:22.374Z",
"dateReserved": "2026-02-04T05:15:41.791Z",
"dateUpdated": "2026-07-15T01:16:13.507Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…