{ "threat_severity" : "Moderate", "public_date" : "2026-04-08T01:06:55Z", "bugzilla" : { "description" : "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root", "id" : "2456336", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2456336" }, "cvss3" : { "cvss3_base_score" : "7.8", "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "status" : "verified" }, "cwe" : "CWE-367", "details" : [ "On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the AT_SYMLINK_NOFOLLOW flag, which Root.Chmod uses to avoid symlink traversal. Root.Chmod checks its target before acting and returns an error if the target is a symlink lying outside the root, so the impact is limited to cases where the target is replaced with a symlink between the check and operation.", "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem." ], "statement" : "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.", "affected_release" : [ { "product_name" : "Cryostat 4 on RHEL 9", "release_date" : "2026-05-06T00:00:00Z", "advisory" : "RHSA-2026:14391", "cpe" : "cpe:/a:redhat:cryostat:4::el9", "package" : "cryostat/cryostat-storage-rhel9:4.1.1-7" }, { "product_name" : "Red Hat Enterprise Linux 10", "release_date" : "2026-04-23T00:00:00Z", "advisory" : "RHSA-2026:10217", "cpe" : "cpe:/o:redhat:enterprise_linux:10.1", "package" : "golang-0:1.25.9-3.el10_1" }, { "product_name" : "Red Hat Enterprise Linux 10", "release_date" : "2026-04-29T00:00:00Z", "advisory" : "RHSA-2026:11712", "cpe" : "cpe:/o:redhat:enterprise_linux:10.1", "package" : "grafana-0:10.2.6-25.el10_1" }, { "product_name" : "Red Hat Enterprise Linux 10", "release_date" : "2026-04-29T00:00:00Z", "advisory" : "RHSA-2026:11863", "cpe" : "cpe:/o:redhat:enterprise_linux:10.1", "package" : "rhc-worker-playbook-0:0.2.3-5.el10_1" }, { "product_name" : "Red Hat Enterprise Linux 10", "release_date" : "2026-05-13T00:00:00Z", "advisory" : "RHSA-2026:17075", "cpe" : "cpe:/o:redhat:enterprise_linux:10.1", "package" : "yggdrasil-0:0.4.8-5.el10_1" }, { "product_name" : "Red Hat Enterprise Linux 10", "release_date" : "2026-05-19T00:00:00Z", "advisory" : "RHSA-2026:19132", "cpe" : "cpe:/o:redhat:enterprise_linux:10.2", "package" : "rhc-worker-playbook-0:0.2.7-3.el10_2" }, { "product_name" : "Red Hat Enterprise Linux 10", "release_date" : "2026-05-19T00:00:00Z", "advisory" : "RHSA-2026:19133", "cpe" : "cpe:/o:redhat:enterprise_linux:10.2", "package" : "git-lfs-0:3.7.1-4.el10_2" }, { "product_name" : "Red Hat Enterprise Linux 10", "release_date" : "2026-05-19T00:00:00Z", "advisory" : "RHSA-2026:19134", "cpe" : "cpe:/o:redhat:enterprise_linux:10.2", "package" : "grafana-0:10.2.6-26.el10_2" }, { "product_name" : "Red Hat Enterprise Linux 10", "release_date" : "2026-05-19T00:00:00Z", "advisory" : "RHSA-2026:19135", "cpe" : "cpe:/o:redhat:enterprise_linux:10.2", "package" : "opentelemetry-collector-0:0.144.0-2.el10_2" }, { "product_name" : "Red Hat Enterprise Linux 10", "release_date" : "2026-05-19T00:00:00Z", "advisory" : "RHSA-2026:19136", "cpe" : "cpe:/o:redhat:enterprise_linux:10.2", "package" : "grafana-pcp-0:5.3.0-5.el10_2" }, { "product_name" : "Red Hat Enterprise Linux 10", "release_date" : "2026-05-19T00:00:00Z", "advisory" : "RHSA-2026:19144", "cpe" : "cpe:/o:redhat:enterprise_linux:10.2", "package" : "golang-github-openprinting-ipp-usb-0:0.9.27-7.el10_2" }, { "product_name" : "Red Hat Enterprise Linux 10", "release_date" : "2026-05-19T00:00:00Z", "advisory" : "RHSA-2026:19156", "cpe" : "cpe:/o:redhat:enterprise_linux:10.2", "package" : "rhc-1:0.3.8-4.el10_2" }, { "product_name" : "Red Hat Enterprise Linux 10.0 Extended Update Support", "release_date" : "2026-05-11T00:00:00Z", "advisory" : "RHSA-2026:16024", "cpe" : "cpe:/o:redhat:enterprise_linux_eus:10.0", "package" : "golang-0:1.25.9-1.el10_0" }, { "product_name" : "Red Hat Enterprise Linux 10.0 Extended Update Support", "release_date" : "2026-05-13T00:00:00Z", "advisory" : "RHSA-2026:17084", "cpe" : "cpe:/o:redhat:enterprise_linux_eus:10.0", "package" : "gvisor-tap-vsock-6:0.8.5-2.el10_0.1" }, { "product_name" : "Red Hat Enterprise Linux 10.0 Extended Update Support", "release_date" : "2026-05-18T00:00:00Z", "advisory" : "RHSA-2026:18027", "cpe" : "cpe:/o:redhat:enterprise_linux_eus:10.0", "package" : "grafana-pcp-0:5.2.2-6.el10_0" }, { "product_name" : "Red Hat Enterprise Linux 10.0 Extended Update Support", "release_date" : "2026-05-18T00:00:00Z", "advisory" : "RHSA-2026:18032", "cpe" : "cpe:/o:redhat:enterprise_linux_eus:10.0", "package" : "grafana-0:10.2.6-24.el10_0" }, { "product_name" : "Red Hat Enterprise Linux 10.0 Extended Update Support", "release_date" : "2026-05-20T00:00:00Z", "advisory" : "RHSA-2026:19550", "cpe" : "cpe:/o:redhat:enterprise_linux_eus:10.0", "package" : "golang-github-openprinting-ipp-usb-0:0.9.27-3.el10_0.4" }, { "product_name" : "Red Hat Enterprise Linux 10.0 Extended Update Support", "release_date" : "2026-05-20T00:00:00Z", "advisory" : "RHSA-2026:19714", "cpe" : "cpe:/o:redhat:enterprise_linux_eus:10.0", "package" : "rhc-worker-playbook-0:0.2.3-5.el10_0" }, { "product_name" : "Red Hat Enterprise Linux 10.0 Extended Update Support", "release_date" : "2026-05-20T00:00:00Z", "advisory" : "RHSA-2026:19715", "cpe" : "cpe:/o:redhat:enterprise_linux_eus:10.0", "package" : "git-lfs-0:3.6.1-2.el10_0.4" }, { "product_name" : "Red Hat Enterprise Linux 10.0 Extended Update Support", "release_date" : "2026-05-20T00:00:00Z", "advisory" : "RHSA-2026:19719", "cpe" : "cpe:/o:redhat:enterprise_linux_eus:10.0", "package" : "opentelemetry-collector-0:0.144.0-2.el10_0" }, { "product_name" : "Red Hat Enterprise Linux 10.0 Extended Update Support", "release_date" : "2026-05-20T00:00:00Z", "advisory" : "RHSA-2026:19750", "cpe" : "cpe:/o:redhat:enterprise_linux_eus:10.0", "package" : "osbuild-composer-0:134.1-7.el10_0" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2026-04-27T00:00:00Z", "advisory" : "RHSA-2026:10704", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "go-toolset:rhel8-8100020260422204008.a3795dee" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2026-04-29T00:00:00Z", "advisory" : "RHSA-2026:11507", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "grafana-0:9.2.10-30.el8_10" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2026-04-29T00:00:00Z", "advisory" : "RHSA-2026:11514", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "grafana-pcp-0:5.1.1-14.el8_10" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2026-05-11T00:00:00Z", "advisory" : "RHSA-2026:15980", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "rhc-1:0.2.5-7.el8_10" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2026-05-13T00:00:00Z", "advisory" : "RHSA-2026:16875", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "git-lfs-0:3.4.1-10.el8_10" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2026-04-24T00:00:00Z", "advisory" : "RHSA-2026:10219", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "golang-0:1.25.9-1.el9_7" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2026-04-29T00:00:00Z", "advisory" : "RHSA-2026:11704", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "grafana-pcp-0:5.1.1-14.el9_7" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2026-04-29T00:00:00Z", "advisory" : "RHSA-2026:11711", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "grafana-0:10.2.6-21.el9_7" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2026-05-06T00:00:00Z", "advisory" : "RHSA-2026:14200", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "git-lfs-0:3.6.1-8.el9_7.1" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2026-05-19T00:00:00Z", "advisory" : "RHSA-2026:19350", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "git-lfs-0:3.7.1-4.el9_8" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2026-05-19T00:00:00Z", "advisory" : "RHSA-2026:19351", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "grafana-pcp-0:5.1.1-15.el9_8" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2026-05-19T00:00:00Z", "advisory" : "RHSA-2026:19352", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "grafana-0:10.2.6-22.el9_8" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2026-05-19T00:00:00Z", "advisory" : "RHSA-2026:19353", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "opentelemetry-collector-0:0.144.0-2.el9_8" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2026-05-19T00:00:00Z", "advisory" : "RHSA-2026:19369", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "rhc-1:0.2.7-6.el9_8" }, { "product_name" : "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date" : "2026-05-20T00:00:00Z", "advisory" : "RHSA-2026:19721", "cpe" : "cpe:/a:redhat:rhel_eus:9.4", "package" : "opentelemetry-collector-0:0.144.0-2.el9_4" }, { "product_name" : "Red Hat Enterprise Linux 9.6 Extended Update Support", "release_date" : "2026-05-11T00:00:00Z", "advisory" : "RHSA-2026:16021", "cpe" : "cpe:/a:redhat:rhel_eus:9.6", "package" : "golang-0:1.25.9-1.el9_6" }, { "product_name" : "Red Hat Enterprise Linux 9.6 Extended Update Support", "release_date" : "2026-05-20T00:00:00Z", "advisory" : "RHSA-2026:19720", "cpe" : "cpe:/a:redhat:rhel_eus:9.6", "package" : "opentelemetry-collector-0:0.144.0-2.el9_6" }, { "product_name" : "Red Hat Enterprise Linux 9.6 Extended Update Support", "release_date" : "2026-05-20T00:00:00Z", "advisory" : "RHSA-2026:19722", "cpe" : "cpe:/a:redhat:rhel_eus:9.6", "package" : "git-lfs-0:3.6.1-2.el9_6.4" }, { "product_name" : "Red Hat Enterprise Linux 9.6 Extended Update Support", "release_date" : "2026-05-21T00:00:00Z", "advisory" : "RHSA-2026:19839", "cpe" : "cpe:/a:redhat:rhel_eus:9.6", "package" : "grafana-pcp-0:5.1.1-14.el9_6" }, { "product_name" : "Red Hat Enterprise Linux 9.6 Extended Update Support", "release_date" : "2026-05-26T00:00:00Z", "advisory" : "RHSA-2026:20556", "cpe" : "cpe:/a:redhat:rhel_eus:9.6", "package" : "grafana-0:10.2.6-21.el9_6" }, { "product_name" : "Network Observability (NETOBSERV) 1.11.2", "release_date" : "2026-05-13T00:00:00Z", "advisory" : "RHSA-2026:16874", "cpe" : "cpe:/a:redhat:network_observ_optr:1.11::el9", "package" : "network-observability/network-observability-flowlogs-pipeline-rhel9:1778508248" }, { "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2.15", "release_date" : "2026-04-28T00:00:00Z", "advisory" : "RHSA-2026:11408", "cpe" : "cpe:/a:redhat:acm:2.15::el9", "package" : "rhacm2/volsync-rhel9:1777380373" }, { "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2.16", "release_date" : "2026-04-29T00:00:00Z", "advisory" : "RHSA-2026:11803", "cpe" : "cpe:/a:redhat:acm:2.16::el9", "package" : "rhacm2/volsync-rhel9:1777380410" }, { "product_name" : "Red Hat Advanced Cluster Security for Kubernetes 4.1", "release_date" : "2026-05-05T00:00:00Z", "advisory" : "RHSA-2026:13829", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.10::el8", "package" : "advanced-cluster-security/rhacs-main-rhel8:1777976489" }, { "product_name" : "Red Hat Advanced Cluster Security for Kubernetes 4.9", "release_date" : "2026-05-05T00:00:00Z", "advisory" : "RHSA-2026:13791", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.9::el8", "package" : "advanced-cluster-security/rhacs-main-rhel8:1777986630" }, { "product_name" : "Red Hat Developer Hub 1.9", "release_date" : "2026-05-05T00:00:00Z", "advisory" : "RHSA-2026:13826", "cpe" : "cpe:/a:redhat:rhdh:1.9::el9", "package" : "rhdh/rhdh-rhel9-operator:1777902709" }, { "product_name" : "Red Hat Hardened Images", "release_date" : "2026-04-09T00:00:00Z", "advisory" : "RHSA-2026:7291", "cpe" : "cpe:/a:redhat:hummingbird:1", "package" : "golang1-26-main-1.26.2-1.hum1" }, { "product_name" : "Red Hat Hardened Images", "release_date" : "2026-04-10T00:00:00Z", "advisory" : "RHSA-2026:7385", "cpe" : "cpe:/a:redhat:hummingbird:1", "package" : "golang1-25-main-1.25.9-1.hum1" }, { "product_name" : "Red Hat OpenShift distributed tracing 3.9.3", "release_date" : "2026-04-21T00:00:00Z", "advisory" : "RHSA-2026:9385", "cpe" : "cpe:/a:redhat:openshift_distributed_tracing:3.9::el9", "package" : "rhosdt/tempo-rhel9:1776435680" }, { "product_name" : "Red Hat Quay 3.16", "release_date" : "2026-05-19T00:00:00Z", "advisory" : "RHSA-2026:19375", "cpe" : "cpe:/a:redhat:quay:3.16::el9", "package" : "quay/quay-rhel9:1779204086" } ], "package_state" : [ { "product_name" : "Assisted Installer for Red Hat OpenShift Container Platform 2", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/appliance", "cpe" : "cpe:/a:redhat:assisted_installer:2" }, { "product_name" : "Builds for Red Hat OpenShift", "fix_state" : "Not affected", "package_name" : "redhat-user-workloads/openshift-builds-waiter-1-6", "cpe" : "cpe:/a:redhat:openshift_builds:1" }, { "product_name" : "Builds for Red Hat OpenShift", "fix_state" : "Not affected", "package_name" : "redhat-user-workloads/openshift-builds-waiter-1-7", "cpe" : "cpe:/a:redhat:openshift_builds:1" }, { "product_name" : "cert-manager Operator for Red Hat OpenShift", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/jetstack-cert-manager-1-17", "cpe" : "cpe:/a:redhat:cert_manager:1" }, { "product_name" : "cert-manager Operator for Red Hat OpenShift", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/jetstack-cert-manager-1-18", "cpe" : "cpe:/a:redhat:cert_manager:1" }, { "product_name" : "Compliance Operator", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/compliance-operator-bundle-release", "cpe" : "cpe:/a:redhat:openshift_compliance_operator:1" }, { "product_name" : "Confidential Compute Attestation", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/osc-caa", "cpe" : "cpe:/a:redhat:confidential_compute_attestation:1" }, { "product_name" : "Confidential Compute Attestation", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/trustee-operator", "cpe" : "cpe:/a:redhat:confidential_compute_attestation:1" }, { "product_name" : "Custom Metric Autoscaler operator for Red Hat Openshift", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/keda-adapter", "cpe" : "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2" }, { "product_name" : "Deployment Validation Operator", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/deployment-validation-operator", "cpe" : "cpe:/a:redhat:deployment_validator_operator" }, { "product_name" : "ExternalDNS Operator", "fix_state" : "Affected", "package_name" : "edo/external-dns-rhel8", "cpe" : "cpe:/a:redhat:ext_dns_optr:1" }, { "product_name" : "ExternalDNS Operator", "fix_state" : "Not affected", "package_name" : "edo/external-dns-rhel9", "cpe" : "cpe:/a:redhat:ext_dns_optr:1" }, { "product_name" : "External Secrets Operator for Red Hat OpenShift", "fix_state" : "Affected", "package_name" : "external-secrets-operator/external-secrets-rhel9", "cpe" : "cpe:/a:redhat:external_secrets_operator:1" }, { "product_name" : "Fence Agents Remediation Operator", "fix_state" : "Affected", "package_name" : "workload-availability/fence-agents-remediation-rhel8-operator", "cpe" : "cpe:/a:redhat:workload_availability_far:0" }, { "product_name" : "File Integrity Operator", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/file-integrity-operator-release", "cpe" : "cpe:/a:redhat:openshift_file_integrity_operator:1" }, { "product_name" : "Gatekeeper 3", "fix_state" : "Will not fix", "package_name" : "redhat-user-workloads/gatekeeper-operator-3-18", "cpe" : "cpe:/a:redhat:gatekeeper:3" }, { "product_name" : "Gatekeeper 3", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/gatekeeper-operator-3-20", "cpe" : "cpe:/a:redhat:gatekeeper:3" }, { "product_name" : "Logging Subsystem for Red Hat OpenShift", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/art-images", "cpe" : "cpe:/a:redhat:logging:6" }, { "product_name" : "Logging Subsystem for Red Hat OpenShift", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/logging-loki-v6-0", "cpe" : "cpe:/a:redhat:logging:6" }, { "product_name" : "Logging Subsystem for Red Hat OpenShift", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/logging-loki-v6-2", "cpe" : "cpe:/a:redhat:logging:6" }, { "product_name" : "Logging Subsystem for Red Hat OpenShift", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/logging-loki-v6-4", "cpe" : "cpe:/a:redhat:logging:6" }, { "product_name" : "Logical Volume Manager Storage", "fix_state" : "Affected", "package_name" : "lvms4/topolvm-rhel8", "cpe" : "cpe:/a:redhat:lvms:4" }, { "product_name" : "Logical Volume Manager Storage", "fix_state" : "Not affected", "package_name" : "lvms4/topolvm-rhel9", "cpe" : "cpe:/a:redhat:lvms:4" }, { "product_name" : "Logical Volume Manager Storage", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/lvm-operator", "cpe" : "cpe:/a:redhat:lvms:4" }, { "product_name" : "Machine Deletion Remediation Operator", "fix_state" : "Affected", "package_name" : "workload-availability/machine-deletion-remediation-rhel8-operator", "cpe" : "cpe:/a:redhat:workload_availability_mdr:0" }, { "product_name" : "Migration Toolkit for Applications 8", "fix_state" : "Affected", "package_name" : "mta/mta-cli-rhel9", "cpe" : "cpe:/a:redhat:migration_toolkit_applications:8" }, { "product_name" : "Migration Toolkit for Applications 8", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/art-images", "cpe" : "cpe:/a:redhat:migration_toolkit_applications:8" }, { "product_name" : "Migration Toolkit for Containers", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/art-images", "cpe" : "cpe:/a:redhat:rhmt:1" }, { "product_name" : "mirror registry for Red Hat OpenShift", "fix_state" : "Out of support scope", "package_name" : "openshift/mirror-registry-rhel8", "cpe" : "cpe:/a:redhat:mirror_registry:1" }, { "product_name" : "mirror registry for Red Hat OpenShift 2", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/mirror-registry-v2-0", "cpe" : "cpe:/a:redhat:mirror_registry:2" }, { "product_name" : "Multiarch Tuning Operator", "fix_state" : "Affected", "package_name" : "multiarch-tuning/multiarch-tuning-operator-bundle", "cpe" : "cpe:/a:redhat:multiarch_tuning_operator" }, { "product_name" : "Multicluster Engine for Kubernetes", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/image-based-install-operator-mce-26", "cpe" : "cpe:/a:redhat:multicluster_engine" }, { "product_name" : "Multicluster Engine for Kubernetes", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/image-based-install-operator-mce-27", "cpe" : "cpe:/a:redhat:multicluster_engine" }, { "product_name" : "Multicluster Engine for Kubernetes", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/kube-rbac-proxy-mce-210", "cpe" : "cpe:/a:redhat:multicluster_engine" }, { "product_name" : "Multicluster Engine for Kubernetes", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/kube-rbac-proxy-mce-211", "cpe" : "cpe:/a:redhat:multicluster_engine" }, { "product_name" : "Multicluster Engine for Kubernetes", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/kube-rbac-proxy-mce-28", "cpe" : "cpe:/a:redhat:multicluster_engine" }, { "product_name" : "Multicluster Engine for Kubernetes", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/kube-rbac-proxy-mce-29", "cpe" : "cpe:/a:redhat:multicluster_engine" }, { "product_name" : "Multicluster Global Hub", "fix_state" : "Affected", "package_name" : "multicluster-globalhub/multicluster-globalhub-agent-rhel8", "cpe" : "cpe:/a:redhat:multicluster_globalhub" }, { "product_name" : "Multicluster Global Hub", "fix_state" : "Affected", "package_name" : "multicluster-globalhub/multicluster-globalhub-agent-rhel9", "cpe" : "cpe:/a:redhat:multicluster_globalhub" }, { "product_name" : "Multicluster Global Hub", "fix_state" : "Affected", "package_name" : "multicluster-globalhub/multicluster-globalhub-grafana-rhel9", "cpe" : "cpe:/a:redhat:multicluster_globalhub" }, { "product_name" : "Node HealthCheck Operator", "fix_state" : "Affected", "package_name" : "node-healthcheck-operator-tech-preview/node-healthcheck-operator-rhel8", "cpe" : "cpe:/a:redhat:workload_availability_nhc:0" }, { "product_name" : "Node HealthCheck Operator", "fix_state" : "Affected", "package_name" : "node-healthcheck-operator-tech-preview/node-healthcheck-rhel8-operator", "cpe" : "cpe:/a:redhat:workload_availability_nhc:0" }, { "product_name" : "Node HealthCheck Operator", "fix_state" : "Affected", "package_name" : "workload-availability/node-healthcheck-rhel8-operator", "cpe" : "cpe:/a:redhat:workload_availability_nhc:0" }, { "product_name" : "OpenShift API for Data Protection", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/art-images", "cpe" : "cpe:/a:redhat:openshift_api_data_protection:1" }, { "product_name" : "OpenShift Developer Tools and Services", "fix_state" : "Affected", "package_name" : "helm", "cpe" : "cpe:/a:redhat:ocp_tools" }, { "product_name" : "OpenShift Lightspeed", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/openshift-mcp-server", "cpe" : "cpe:/a:redhat:openshift_lightspeed" }, { "product_name" : "OpenShift Pipelines", "fix_state" : "Affected", "package_name" : "openshift-pipelines-client", "cpe" : "cpe:/a:redhat:openshift_pipelines:1" }, { "product_name" : "OpenShift Serverless", "fix_state" : "Affected", "package_name" : "kn-workflow-plugin", "cpe" : "cpe:/a:redhat:serverless:1" }, { "product_name" : "OpenShift Serverless", "fix_state" : "Affected", "package_name" : "openshift-serverless-clients", "cpe" : "cpe:/a:redhat:serverless:1" }, { "product_name" : "OpenShift Serverless", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/kn-plugin-event-sender", "cpe" : "cpe:/a:redhat:serverless:1" }, { "product_name" : "OpenShift Service Mesh 2", "fix_state" : "Not affected", "package_name" : "openshift-golang-builder-container", "cpe" : "cpe:/a:redhat:service_mesh:2" }, { "product_name" : "OpenShift Service Mesh 2", "fix_state" : "Not affected", "package_name" : "openshift-service-mesh/istio-cni-rhel8", "cpe" : "cpe:/a:redhat:service_mesh:2" }, { "product_name" : "OpenShift Service Mesh 2", "fix_state" : "Not affected", "package_name" : "openshift-service-mesh/istio-rhel8-operator", "cpe" : "cpe:/a:redhat:service_mesh:2" }, { "product_name" : "OpenShift Service Mesh 2", "fix_state" : "Not affected", "package_name" : "openshift-service-mesh/pilot-rhel8", "cpe" : "cpe:/a:redhat:service_mesh:2" }, { "product_name" : "OpenShift Service Mesh 2", "fix_state" : "Not affected", "package_name" : "openshift-service-mesh/proxyv2-rhel9", "cpe" : "cpe:/a:redhat:service_mesh:2" }, { "product_name" : "OpenShift Service Mesh 2", "fix_state" : "Not affected", "package_name" : "openshift-service-mesh/ratelimit-rhel8", "cpe" : "cpe:/a:redhat:service_mesh:2" }, { "product_name" : "OpenShift Service Mesh 2", "fix_state" : "Not affected", "package_name" : "redhat-user-workloads/kiali-2-6", "cpe" : "cpe:/a:redhat:service_mesh:2" }, { "product_name" : "OpenShift Service Mesh 3", "fix_state" : "Not affected", "package_name" : "openshift-golang-builder-container", "cpe" : "cpe:/a:redhat:service_mesh:3" }, { "product_name" : "OpenShift Service Mesh 3", "fix_state" : "Not affected", "package_name" : "openshift-service-mesh/istio-cni-rhel9", "cpe" : "cpe:/a:redhat:service_mesh:3" }, { "product_name" : "OpenShift Service Mesh 3", "fix_state" : "Not affected", "package_name" : "openshift-service-mesh/istio-pilot-rhel9", "cpe" : "cpe:/a:redhat:service_mesh:3" }, { "product_name" : "OpenShift Service Mesh 3", "fix_state" : "Not affected", "package_name" : "openshift-service-mesh/istio-proxyv2-rhel9", "cpe" : "cpe:/a:redhat:service_mesh:3" }, { "product_name" : "OpenShift Service Mesh 3", "fix_state" : "Not affected", "package_name" : "openshift-service-mesh/istio-rhel9-operator", "cpe" : "cpe:/a:redhat:service_mesh:3" }, { "product_name" : "OpenShift Service Mesh 3", "fix_state" : "Not affected", "package_name" : "redhat-user-workloads/kiali-3-0", "cpe" : "cpe:/a:redhat:service_mesh:3" }, { "product_name" : "OpenShift Service Mesh 3", "fix_state" : "Not affected", "package_name" : "redhat-user-workloads/kiali-3-1", "cpe" : "cpe:/a:redhat:service_mesh:3" }, { "product_name" : "OpenShift Service Mesh 3", "fix_state" : "Not affected", "package_name" : "redhat-user-workloads/kiali-3-2", "cpe" : "cpe:/a:redhat:service_mesh:3" }, { "product_name" : "OpenShift Service Mesh 3", "fix_state" : "Not affected", "package_name" : "redhat-user-workloads/kiali-3-3", "cpe" : "cpe:/a:redhat:service_mesh:3" }, { "product_name" : "OpenShift Source-to-Image (S2I)", "fix_state" : "Affected", "package_name" : "source-to-image/source-to-image-rhel8", "cpe" : "cpe:/a:redhat:source_to_image:1" }, { "product_name" : "Power monitoring for Red Hat OpenShift", "fix_state" : "Not affected", "package_name" : "redhat-user-workloads/kepler", "cpe" : "cpe:/a:redhat:openshift_power_monitoring" }, { "product_name" : "Red Hat 3scale API Management Platform 2", "fix_state" : "Will not fix", "package_name" : "3scale-amp2/3scale-rhel7-operator", "cpe" : "cpe:/a:redhat:red_hat_3scale_amp:2" }, { "product_name" : "Red Hat 3scale API Management Platform 2", "fix_state" : "Not affected", "package_name" : "3scale-amp2/3scale-rhel9-operator", "cpe" : "cpe:/a:redhat:red_hat_3scale_amp:2" }, { "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2", "fix_state" : "Will not fix", "package_name" : "redhat-user-workloads/volsync-0-13", "cpe" : "cpe:/a:redhat:acm:2" }, { "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/volsync-0-15", "cpe" : "cpe:/a:redhat:acm:2" }, { "product_name" : "Red Hat AMQ Broker 7", "fix_state" : "Affected", "package_name" : "amq7/amq-broker-rhel9-operator", "cpe" : "cpe:/a:redhat:amq_broker:7" }, { "product_name" : "Red Hat AMQ Clients", "fix_state" : "Not affected", "package_name" : "python39-qpid-proton", "cpe" : "cpe:/a:redhat:amq_clients:2023" }, { "product_name" : "Red Hat AMQ Clients", "fix_state" : "Not affected", "package_name" : "qpid-proton", "cpe" : "cpe:/a:redhat:amq_clients:2023" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "ansible-automation-platform-24/aap-cluster-scoped-bundle-container-24", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "ansible-automation-platform-25/aap-cluster-scoped-bundle-container-25", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "automation-gateway-proxy", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "automation-gateway-proxy-openssl30", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "automation-gateway-proxy-openssl32", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "python3.11-galaxy-ng", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "python3.11-grpcio", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "python3.12-brotli", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "python3.12-galaxy-ng", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "python3.12-grpcio", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "python3x-grpcio", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "python-grpcio", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Affected", "package_name" : "receptor", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/aoc-azure-aap-installer-container", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat build of Apache Camel - HawtIO 4", "fix_state" : "Affected", "package_name" : "rhbac-4/hawtio-rhel8-operator", "cpe" : "cpe:/a:redhat:apache_camel_hawtio:4" }, { "product_name" : "Red Hat build of Apache Camel - HawtIO 4", "fix_state" : "Affected", "package_name" : "rhbac-4/hawtio-rhel9-operator", "cpe" : "cpe:/a:redhat:apache_camel_hawtio:4" }, { "product_name" : "Red Hat build of Apache Camel - HawtIO 4", "fix_state" : "Affected", "package_name" : "rhbac-4-tech-preview/hawtio-rhel8-operator", "cpe" : "cpe:/a:redhat:apache_camel_hawtio:4" }, { "product_name" : "Red Hat build of Apicurio Registry 2", "fix_state" : "Affected", "package_name" : "apicurio/apicurio-registry-rhel8-operator", "cpe" : "cpe:/a:redhat:service_registry:2" }, { "product_name" : "Red Hat build of Apicurio Registry 2", "fix_state" : "Affected", "package_name" : "apicurio/apicurio-registry-rhel9-operator", "cpe" : "cpe:/a:redhat:service_registry:2" }, { "product_name" : "Red Hat Ceph Storage 5", "fix_state" : "Fix deferred", "package_name" : "rhceph-ci/grafana", "cpe" : "cpe:/a:redhat:ceph_storage:5" }, { "product_name" : "Red Hat Ceph Storage 6", "fix_state" : "Fix deferred", "package_name" : "rhceph-ci/grafana", "cpe" : "cpe:/a:redhat:ceph_storage:6" }, { "product_name" : "Red Hat Certification Program for Red Hat Enterprise Linux 9", "fix_state" : "Affected", "package_name" : "redhat-certification-preflight", "cpe" : "cpe:/a:redhat:certifications:9" }, { "product_name" : "Red Hat Connectivity Link 1", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/rhcl-1-3-coredns", "cpe" : "cpe:/a:redhat:connectivity_link:1" }, { "product_name" : "Red Hat Edge Manager 1", "fix_state" : "Affected", "package_name" : "flightctl", "cpe" : "cpe:/a:redhat:edge_manager:1" }, { "product_name" : "Red Hat Edge Manager 1", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/flightctl-ui", "cpe" : "cpe:/a:redhat:edge_manager:1" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "buildah", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "butane", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "conmon", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Affected", "package_name" : "delve", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Affected", "package_name" : "go-fdo-client", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Affected", "package_name" : "go-fdo-server", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "golang-github-cpuguy83-md2man", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Affected", "package_name" : "go-rpm-macros", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "gpsd", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Affected", "package_name" : "gvisor-tap-vsock", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "ignition", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Affected", "package_name" : "image-builder", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "linux-sgx", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "oci-seccomp-bpf-hook", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Affected", "package_name" : "osbuild", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Affected", "package_name" : "osbuild-composer", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "podman", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Affected", "package_name" : "python-awscrt", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Affected", "package_name" : "radii", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Affected", "package_name" : "rhel10/bootc-image-builder", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "rsyslog", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "skopeo", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "toolbox", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "trustee", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Affected", "package_name" : "trustee-guest-components", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Affected", "package_name" : "yggdrasil-worker-package-manager", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Affected", "package_name" : "host-metering", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Affected", "package_name" : "rhc", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Affected", "package_name" : "rhc-worker-script", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "buildah", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "conmon", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "containernetworking-plugins", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Affected", "package_name" : "container-tools:rhel8/buildah", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "container-tools:rhel8/conmon", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Affected", "package_name" : "container-tools:rhel8/containernetworking-plugins", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "container-tools:rhel8/oci-seccomp-bpf-hook", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Affected", "package_name" : "container-tools:rhel8/podman", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "container-tools:rhel8/runc", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Affected", "package_name" : "container-tools:rhel8/skopeo", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Affected", "package_name" : "golang", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "oci-seccomp-bpf-hook", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Affected", "package_name" : "osbuild-composer", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "podman", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "rsyslog", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "runc", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "skopeo", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "toolbox", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "weldr-client", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "buildah", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "butane", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "conmon", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "containernetworking-plugins", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "golang-github-cpuguy83-md2man", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Affected", "package_name" : "go-rpm-macros", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "gpsd-minimal", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Affected", "package_name" : "gvisor-tap-vsock", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "ignition", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Affected", "package_name" : "image-builder", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "linux-sgx", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "oci-seccomp-bpf-hook", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Affected", "package_name" : "osbuild", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Affected", "package_name" : "osbuild-composer", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "podman", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "python-awscrt", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Affected", "package_name" : "rhel9/bootc-image-builder", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "rsyslog", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "runc", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "skopeo", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "toolbox", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Affected", "package_name" : "trustee-guest-components", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "weldr-client", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux AI (RHEL AI) 3", "fix_state" : "Affected", "package_name" : "golang", "cpe" : "cpe:/a:redhat:enterprise_linux_ai:3" }, { "product_name" : "Red Hat JBoss Web Server 6", "fix_state" : "Affected", "package_name" : "jboss-webserver/jws-rhel9-operator", "cpe" : "cpe:/a:redhat:jboss_enterprise_web_server:6" }, { "product_name" : "Red Hat Lightspeed for Runtimes Operator", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/runtimes-inventory-operator", "cpe" : "cpe:/a:redhat:lightspeed_for_runtimes:1" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-cli-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-rhel8-operator", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-rhel9-operator", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift Cluster Manager CLI", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/ocm-cli", "cpe" : "cpe:/a:redhat:openshift_cluster_manager_cli:1" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Affected", "package_name" : "butane", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "conmon", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "conmon-rs", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Affected", "package_name" : "containernetworking-plugins", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "cri-o", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Affected", "package_name" : "cri-tools", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "golang-github-prometheus-promu", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Affected", "package_name" : "ignition", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Affected", "package_name" : "kata-containers", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Affected", "package_name" : "microshift", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "openshift", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Affected", "package_name" : "openshift4/frr-rhel9", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "openshift4/ose-node", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "openshift4/ose-sdn-rhel7", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "openshift4/ose-sdn-rhel8", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "openshift4/ose-sdn-rhel9", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "openshift-clients", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Affected", "package_name" : "openshift-golang-builder-container", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "openshift-kuryr", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "ose-aws-ecr-image-credential-provider", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "ose-azure-acr-image-credential-provider", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "ose-gcp-gcr-image-credential-provider", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Affected", "package_name" : "podman", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/art-images", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Affected", "package_name" : "runc", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Affected", "package_name" : "skopeo", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Affected", "package_name" : "ocs4/cephcsi-rhel8", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Affected", "package_name" : "odf4/cephcsi-rhel8", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Affected", "package_name" : "odf4/cephcsi-rhel9", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Affected", "package_name" : "rhceph-dev/odf4-cephcsi-rhel9", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat OpenShift Dev Spaces", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/udi-rhel9", "cpe" : "cpe:/a:redhat:openshift_devspaces:3" }, { "product_name" : "Red Hat OpenShift Dev Workspaces Operator", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/devworkspace-rhel9-operator", "cpe" : "cpe:/a:redhat:devworkspace" }, { "product_name" : "Red Hat OpenShift for Windows Containers", "fix_state" : "Not affected", "package_name" : "redhat-user-workloads/windows-machine-config-operator-release-4-18", "cpe" : "cpe:/a:redhat:windows_machine_config" }, { "product_name" : "Red Hat OpenShift for Windows Containers", "fix_state" : "Not affected", "package_name" : "redhat-user-workloads/windows-machine-config-operator-release-4-19", "cpe" : "cpe:/a:redhat:windows_machine_config" }, { "product_name" : "Red Hat OpenShift for Windows Containers", "fix_state" : "Not affected", "package_name" : "redhat-user-workloads/windows-machine-config-operator-release-4-20", "cpe" : "cpe:/a:redhat:windows_machine_config" }, { "product_name" : "Red Hat OpenShift for Windows Containers", "fix_state" : "Not affected", "package_name" : "redhat-user-workloads/windows-machine-config-operator-release-4-21", "cpe" : "cpe:/a:redhat:windows_machine_config" }, { "product_name" : "Red Hat OpenShift GitOps", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/dex-rhel8", "cpe" : "cpe:/a:redhat:openshift_gitops:1" }, { "product_name" : "Red Hat OpenShift GitOps", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/dex-rhel9", "cpe" : "cpe:/a:redhat:openshift_gitops:1" }, { "product_name" : "Red Hat OpenShift on AWS", "fix_state" : "Affected", "package_name" : "rosa", "cpe" : "cpe:/a:redhat:openshift_service_on_aws:1" }, { "product_name" : "Red Hat OpenShift Virtualization 4", "fix_state" : "Not affected", "package_name" : "cnv-tech-preview/virt-api", "cpe" : "cpe:/a:redhat:container_native_virtualization:4" }, { "product_name" : "Red Hat OpenShift Virtualization 4", "fix_state" : "Not affected", "package_name" : "container-native-virtualization/virt-api", "cpe" : "cpe:/a:redhat:container_native_virtualization:4" }, { "product_name" : "Red Hat OpenShift Virtualization 4", "fix_state" : "Not affected", "package_name" : "container-native-virtualization/virt-api-rhel9", "cpe" : "cpe:/a:redhat:container_native_virtualization:4" }, { "product_name" : "Red Hat OpenShift Virtualization 4", "fix_state" : "Not affected", "package_name" : "kubevirt", "cpe" : "cpe:/a:redhat:container_native_virtualization:4" }, { "product_name" : "Red Hat OpenShift Virtualization 4", "fix_state" : "Not affected", "package_name" : "openshift-golang-builder-container", "cpe" : "cpe:/a:redhat:container_native_virtualization:4" }, { "product_name" : "Red Hat OpenStack Platform 16.2", "fix_state" : "Affected", "package_name" : "etcd", "cpe" : "cpe:/a:redhat:openstack:16.2" }, { "product_name" : "Red Hat OpenStack Platform 16.2", "fix_state" : "Affected", "package_name" : "golang-github-infrawatch-apputils", "cpe" : "cpe:/a:redhat:openstack:16.2" }, { "product_name" : "Red Hat OpenStack Platform 16.2", "fix_state" : "Affected", "package_name" : "golang-qpid-apache", "cpe" : "cpe:/a:redhat:openstack:16.2" }, { "product_name" : "Red Hat OpenStack Platform 16.2", "fix_state" : "Not affected", "package_name" : "qpid-proton", "cpe" : "cpe:/a:redhat:openstack:16.2" }, { "product_name" : "Red Hat OpenStack Platform 16.2", "fix_state" : "Not affected", "package_name" : "redhat-user-workloads/osp-director-agent", "cpe" : "cpe:/a:redhat:openstack:16.2" }, { "product_name" : "Red Hat OpenStack Platform 17.1", "fix_state" : "Not affected", "package_name" : "collectd-libpod-stats", "cpe" : "cpe:/a:redhat:openstack:17.1" }, { "product_name" : "Red Hat OpenStack Platform 17.1", "fix_state" : "Affected", "package_name" : "etcd", "cpe" : "cpe:/a:redhat:openstack:17.1" }, { "product_name" : "Red Hat OpenStack Platform 17.1", "fix_state" : "Affected", "package_name" : "golang-github-infrawatch-apputils", "cpe" : "cpe:/a:redhat:openstack:17.1" }, { "product_name" : "Red Hat OpenStack Platform 17.1", "fix_state" : "Affected", "package_name" : "golang-qpid-apache", "cpe" : "cpe:/a:redhat:openstack:17.1" }, { "product_name" : "Red Hat OpenStack Platform 17.1", "fix_state" : "Affected", "package_name" : "golang-uber-multierr", "cpe" : "cpe:/a:redhat:openstack:17.1" }, { "product_name" : "Red Hat OpenStack Platform 17.1", "fix_state" : "Not affected", "package_name" : "qpid-proton", "cpe" : "cpe:/a:redhat:openstack:17.1" }, { "product_name" : "Red Hat OpenStack Platform 17.1", "fix_state" : "Not affected", "package_name" : "redhat-user-workloads/osp-director-agent", "cpe" : "cpe:/a:redhat:openstack:17.1" }, { "product_name" : "Red Hat OpenStack Platform 18.0", "fix_state" : "Affected", "package_name" : "golang-github-openstack-k8s-operators-os-diff", "cpe" : "cpe:/a:redhat:openstack:18.0" }, { "product_name" : "Red Hat OpenStack Platform 18.0", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/sg-core", "cpe" : "cpe:/a:redhat:openstack:18.0" }, { "product_name" : "Red Hat Quay 3", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/quay-quay-v3-12", "cpe" : "cpe:/a:redhat:quay:3" }, { "product_name" : "Red Hat Quay 3", "fix_state" : "Not affected", "package_name" : "redhat-user-workloads/quay-quay-v3-13", "cpe" : "cpe:/a:redhat:quay:3" }, { "product_name" : "Red Hat Quay 3", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/quay-quay-v3-14", "cpe" : "cpe:/a:redhat:quay:3" }, { "product_name" : "Red Hat Quay 3", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/quay-quay-v3-15", "cpe" : "cpe:/a:redhat:quay:3" }, { "product_name" : "Red Hat Quay 3", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/quay-quay-v3-16", "cpe" : "cpe:/a:redhat:quay:3" }, { "product_name" : "Red Hat Quay 3", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/quay-quay-v3-17", "cpe" : "cpe:/a:redhat:quay:3" }, { "product_name" : "Red Hat Quay 3", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/quay-quay-v3-9", "cpe" : "cpe:/a:redhat:quay:3" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Affected", "package_name" : "dynflow-utils", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/iop-ingress-sat-6-18", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Not affected", "package_name" : "rubygem-dynflow", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Affected", "package_name" : "yggdrasil-worker-forwarder", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Service Interconnect 1", "fix_state" : "Affected", "package_name" : "qpid-proton", "cpe" : "cpe:/a:redhat:service_interconnect:1" }, { "product_name" : "Red Hat Service Interconnect 1", "fix_state" : "Affected", "package_name" : "skupper-cli", "cpe" : "cpe:/a:redhat:service_interconnect:1" }, { "product_name" : "Red Hat Service Interconnect 2", "fix_state" : "Affected", "package_name" : "qpid-proton", "cpe" : "cpe:/a:redhat:service_interconnect:2" }, { "product_name" : "Red Hat Service Interconnect 2", "fix_state" : "Affected", "package_name" : "skupper-cli", "cpe" : "cpe:/a:redhat:service_interconnect:2" }, { "product_name" : "Red Hat Service Interconnect 2", "fix_state" : "Affected", "package_name" : "skupper-router", "cpe" : "cpe:/a:redhat:service_interconnect:2" }, { "product_name" : "Red Hat Trusted Artifact Signer", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/cli-v08", "cpe" : "cpe:/a:redhat:trusted_artifact_signer:1" }, { "product_name" : "Red Hat Trusted Artifact Signer", "fix_state" : "Affected", "package_name" : "securesign/gitsign", "cpe" : "cpe:/a:redhat:trusted_artifact_signer:1" }, { "product_name" : "Red Hat Web Terminal", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/web-terminal-exec-1-11", "cpe" : "cpe:/a:redhat:webterminal:1" }, { "product_name" : "Red Hat Web Terminal", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/web-terminal-exec-1-12", "cpe" : "cpe:/a:redhat:webterminal:1" }, { "product_name" : "Red Hat Web Terminal", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/web-terminal-exec-1-13", "cpe" : "cpe:/a:redhat:webterminal:1" }, { "product_name" : "Red Hat Web Terminal", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/web-terminal-exec-1-14", "cpe" : "cpe:/a:redhat:webterminal:1" }, { "product_name" : "Red Hat Web Terminal", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/web-terminal-exec-1-15", "cpe" : "cpe:/a:redhat:webterminal:1" }, { "product_name" : "Red Hat Web Terminal", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/web-terminal-exec-1-16", "cpe" : "cpe:/a:redhat:webterminal:1" }, { "product_name" : "Security Profiles Operator", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/security-profiles-operator-release", "cpe" : "cpe:/a:redhat:openshift_security_profiles_operator:1" }, { "product_name" : "Service Telemetry Framework 1.5", "fix_state" : "Not affected", "package_name" : "redhat-user-workloads/sg-core", "cpe" : "cpe:/a:redhat:stf:1.5" }, { "product_name" : "streams for Apache Kafka 3", "fix_state" : "Affected", "package_name" : "golang-github-danielqsj-kafka_exporter", "cpe" : "cpe:/a:redhat:amq_streams:3" }, { "product_name" : "Zero Trust Workload Identity Manager", "fix_state" : "Affected", "package_name" : "redhat-user-workloads/spiffe-csi-driver-0-2-8", "cpe" : "cpe:/a:redhat:zero_trust_workload_identity_manager:1" }, { "product_name" : "Zero Trust Workload Identity Manager - Tech Preview", "fix_state" : "Will not fix", "package_name" : "redhat-user-workloads/spiffe-spire-agent-1-12-4", "cpe" : "cpe:/a:redhat:zero_trust_workload_identity_manager:0" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-32282\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-32282\nhttps://go.dev/cl/763761\nhttps://go.dev/issue/78293\nhttps://groups.google.com/g/golang-announce/c/0uYbvbPZRWU\nhttps://pkg.go.dev/vuln/GO-2026-4864" ], "name" : "CVE-2026-32282", "mitigation" : { "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "lang" : "en:us" }, "csaw" : false }