rhsa-2025:4810
Vulnerability from csaf_redhat
Published
2025-05-12 15:04
Modified
2025-08-18 09:21
Summary
Red Hat Security Advisory: RHSA: Submariner 0.18.5 - bug and security update
Notes
Topic
Submariner 0.18 packages that fix various bugs and add various enhancements that are now available for Red Hat Advanced Cluster Management for Kubernetes version 2.11.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.
Details
Submariner enables direct networking between pods and services on different Kubernetes clusters that are either on-premises or in the cloud.
For more information about Submariner, see the Submariner open source community website at: https://submariner.io/.
This advisory contains bug fixes and enhancements to the Submariner container images.
Security fix(es):
* quic-go: quic-go affected by an ICMP Packet Too Large Injection Attack on Linux (CVE-2024-53259)
* golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336)
* crypto/internal/nistec: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec (CVE-2025-22866)
* golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 (CVE-2025-22868)
* golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing (CVE-2025-30204)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Submariner 0.18 packages that fix various bugs and add various enhancements that are now available for Red Hat Advanced Cluster Management for Kubernetes version 2.11.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Submariner enables direct networking between pods and services on different Kubernetes clusters that are either on-premises or in the cloud.\n\nFor more information about Submariner, see the Submariner open source community website at: https://submariner.io/.\n\nThis advisory contains bug fixes and enhancements to the Submariner container images.\n\nSecurity fix(es):\n\n* quic-go: quic-go affected by an ICMP Packet Too Large Injection Attack on Linux (CVE-2024-53259)\n* golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336)\n* crypto/internal/nistec: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec (CVE-2025-22866)\n* golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 (CVE-2025-22868)\n* golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing (CVE-2025-30204)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:4810",
"url": "https://access.redhat.com/errata/RHSA-2025:4810"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2329991",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2329991"
},
{
"category": "external",
"summary": "2341751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2341751"
},
{
"category": "external",
"summary": "2344219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2344219"
},
{
"category": "external",
"summary": "2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "2354195",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354195"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_4810.json"
}
],
"title": "Red Hat Security Advisory: RHSA: Submariner 0.18.5 - bug and security update",
"tracking": {
"current_release_date": "2025-08-18T09:21:06+00:00",
"generator": {
"date": "2025-08-18T09:21:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2025:4810",
"initial_release_date": "2025-05-12T15:04:37+00:00",
"revision_history": [
{
"date": "2025-05-12T15:04:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-05-12T15:04:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-18T09:21:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product": {
"name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:acm:2.11::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat ACM"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"product": {
"name": "rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"product_id": "rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-agent-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"product": {
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"product_id": "rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-coredns-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"product": {
"name": "rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"product_id": "rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/nettest-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"product": {
"name": "rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"product_id": "rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/subctl-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"product": {
"name": "rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"product_id": "rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-gateway-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"product": {
"name": "rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"product_id": "rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-globalnet-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"product": {
"name": "rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"product_id": "rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-operator-bundle\u0026tag=v0.18.5-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"product": {
"name": "rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"product_id": "rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-rhel9-operator\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"product": {
"name": "rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"product_id": "rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-route-agent-rhel9\u0026tag=v0.18.5-3"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"product": {
"name": "rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"product_id": "rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-agent-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"product": {
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"product_id": "rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-coredns-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"product": {
"name": "rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"product_id": "rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/nettest-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"product": {
"name": "rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"product_id": "rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/subctl-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"product": {
"name": "rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"product_id": "rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-gateway-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"product": {
"name": "rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"product_id": "rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-globalnet-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"product": {
"name": "rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"product_id": "rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-operator-bundle\u0026tag=v0.18.5-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"product": {
"name": "rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"product_id": "rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-rhel9-operator\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"product": {
"name": "rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"product_id": "rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-route-agent-rhel9\u0026tag=v0.18.5-3"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"product": {
"name": "rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"product_id": "rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-agent-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"product": {
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"product_id": "rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-coredns-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"product": {
"name": "rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"product_id": "rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/nettest-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"product": {
"name": "rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"product_id": "rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/subctl-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"product": {
"name": "rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"product_id": "rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-gateway-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"product": {
"name": "rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"product_id": "rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-globalnet-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"product": {
"name": "rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"product_id": "rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-operator-bundle\u0026tag=v0.18.5-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"product": {
"name": "rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"product_id": "rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-rhel9-operator\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"product": {
"name": "rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"product_id": "rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-route-agent-rhel9\u0026tag=v0.18.5-3"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"product": {
"name": "rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"product_id": "rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-agent-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"product": {
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"product_id": "rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-coredns-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"product": {
"name": "rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"product_id": "rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/nettest-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"product": {
"name": "rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"product_id": "rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/subctl-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"product": {
"name": "rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"product_id": "rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-gateway-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"product": {
"name": "rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"product_id": "rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-globalnet-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"product": {
"name": "rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"product_id": "rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-operator-bundle\u0026tag=v0.18.5-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"product": {
"name": "rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"product_id": "rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-rhel9-operator\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64",
"product": {
"name": "rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64",
"product_id": "rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-route-agent-rhel9\u0026tag=v0.18.5-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64"
},
"product_reference": "rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le"
},
"product_reference": "rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x"
},
"product_reference": "rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64"
},
"product_reference": "rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x"
},
"product_reference": "rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64"
},
"product_reference": "rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64"
},
"product_reference": "rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le"
},
"product_reference": "rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64"
},
"product_reference": "rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le"
},
"product_reference": "rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64"
},
"product_reference": "rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x"
},
"product_reference": "rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x"
},
"product_reference": "rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64"
},
"product_reference": "rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le"
},
"product_reference": "rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64"
},
"product_reference": "rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le"
},
"product_reference": "rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x"
},
"product_reference": "rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64"
},
"product_reference": "rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64"
},
"product_reference": "rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64"
},
"product_reference": "rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64"
},
"product_reference": "rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x"
},
"product_reference": "rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le"
},
"product_reference": "rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64"
},
"product_reference": "rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64"
},
"product_reference": "rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le"
},
"product_reference": "rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x"
},
"product_reference": "rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64"
},
"product_reference": "rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64"
},
"product_reference": "rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x"
},
"product_reference": "rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le"
},
"product_reference": "rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x"
},
"product_reference": "rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le"
},
"product_reference": "rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64"
},
"product_reference": "rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
},
"product_reference": "rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64",
"relates_to_product_reference": "9Base-RHACM-2.11"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45336",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2025-01-23T12:57:38.123000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2341751"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/http package of the Golang standard library. The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to `a.com/` containing an Authorization header redirected to `b.com/` will not send that header to `b.com`. However, the sensitive headers would be restored if the client received a subsequent same-domain redirect. For example, a chain of redirects from `a.com/`, to `b.com/1`, and finally to `b.com/2` would incorrectly send the Authorization header to `b.com/2`.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nAccess to the platform is granted only after successful hard token, multi-factor authentication (MFA), which is coupled with account management controls, including integration with single sign-on (SSO), to ensure that user permissions are restricted to only the functions necessary for their roles. Access to sensitive information is explicitly authorized and enforced based on predefined access policies. Event logs are collected and processed for centralization, correlation, analysis, monitoring, reporting, alerting, and retention. This process ensures that audit logs are generated for specific events involving sensitive information, which helps identify patterns of unauthorized access or data exposure. The platform enforces the use of validated cryptographic modules across compute resources to protect the confidentiality of information, even in the event of interception.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45336"
},
{
"category": "external",
"summary": "RHBZ#2341751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2341751"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45336",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45336"
}
],
"release_date": "2025-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-12T15:04:37+00:00",
"details": "To learn more about Submariner, see https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.11/html/networking/networking#submariner.",
"product_ids": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:4810"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect"
},
{
"cve": "CVE-2024-53259",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"discovery_date": "2024-12-02T17:01:10.568793+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2329991"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Quic-Go where an attacker can inject malicious data into network packets, potentially allowing them to cause harm. The issue arises from a configuration option used by some affected versions of the code that sends out information about packet size limitations. As a result, when Quic-Go attempts to send a packet larger than it claims to be able to handle, the operating system will reject it due to a \"message too large\" error.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "quic-go: quic-go affected by an ICMP Packet Too Large Injection Attack on Linux",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In regulated environments, certain controls are used together that help prevent CWE-345: Insufficient Verification of Data Authenticity. As a result, this vulnerability has been downgraded from Moderate to Low severity.\n\nRed Hat restricts access to all information contained within the platform by default. Access to the platform is granted only after successful hard token, multi-factor authentication (MFA), which is coupled with least privilege principles to ensure that only authorized roles and users can execute or manipulate code. Event logs are collected and processed for centralization, correlation, analysis, monitoring, reporting, alerting, and retention. This process ensures that audit logs are generated for specific events involving sensitive information, ensuring that mechanisms such as digital signatures or certificates verify the authenticity and origin of data. External infrastructure and internal cluster certificates are established and maintained within the secure environment. The platform enforces validated cryptographic modules across all compute resources, helping prevent unauthorized actors from accessing or interpreting exposed information, even if it is intercepted.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-53259"
},
{
"category": "external",
"summary": "RHBZ#2329991",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2329991"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-53259",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53259"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-53259",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53259"
},
{
"category": "external",
"summary": "https://github.com/quic-go/quic-go/commit/ca31dd355cbe5fc6c5807992d9d1149c66c96a50",
"url": "https://github.com/quic-go/quic-go/commit/ca31dd355cbe5fc6c5807992d9d1149c66c96a50"
},
{
"category": "external",
"summary": "https://github.com/quic-go/quic-go/pull/4729",
"url": "https://github.com/quic-go/quic-go/pull/4729"
},
{
"category": "external",
"summary": "https://github.com/quic-go/quic-go/releases/tag/v0.48.2",
"url": "https://github.com/quic-go/quic-go/releases/tag/v0.48.2"
},
{
"category": "external",
"summary": "https://github.com/quic-go/quic-go/security/advisories/GHSA-px8v-pp82-rcvr",
"url": "https://github.com/quic-go/quic-go/security/advisories/GHSA-px8v-pp82-rcvr"
}
],
"release_date": "2024-12-02T16:12:40.605000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-12T15:04:37+00:00",
"details": "To learn more about Submariner, see https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.11/html/networking/networking#submariner.",
"product_ids": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:4810"
},
{
"category": "workaround",
"details": "Use iptables to drop ICMP unreachable packets.",
"product_ids": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "quic-go: quic-go affected by an ICMP Packet Too Large Injection Attack on Linux"
},
{
"cve": "CVE-2025-22866",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2025-02-06T17:00:56.155646+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2344219"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Golang crypto/internal/nistec package. Due to the usage of a variable time instruction in the assembly implementation of an internal function, a small number of bits of secret scalars are leaked on the ppc64le architecture. Considering how this function is used, this leakage is likely insufficient to recover the private key when P-256 is used in any well-known protocols.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/internal/nistec: golang: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nAccess to the platform is granted only after successful hard token, multi-factor authentication (MFA), which is coupled with account management controls, including integration with single sign-on (SSO), to ensure that user permissions are restricted to only the functions necessary for their roles. Access to sensitive information is explicitly authorized and enforced based on predefined access policies. Event logs are collected and processed for centralization, correlation, analysis, monitoring, reporting, alerting, and retention. This process ensures that audit logs are generated for specific events involving sensitive information, which helps identify patterns of unauthorized access or data exposure. The platform enforces the use of validated cryptographic modules across compute resources to protect the confidentiality of information, even in the event of interception.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22866"
},
{
"category": "external",
"summary": "RHBZ#2344219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2344219"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22866",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22866"
},
{
"category": "external",
"summary": "https://go.dev/cl/643735",
"url": "https://go.dev/cl/643735"
},
{
"category": "external",
"summary": "https://go.dev/issue/71383",
"url": "https://go.dev/issue/71383"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k",
"url": "https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3447",
"url": "https://pkg.go.dev/vuln/GO-2025-3447"
}
],
"release_date": "2025-02-06T16:54:10.252000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-12T15:04:37+00:00",
"details": "To learn more about Submariner, see https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.11/html/networking/networking#submariner.",
"product_ids": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:4810"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/internal/nistec: golang: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec"
},
{
"acknowledgments": [
{
"names": [
"jub0bs"
]
}
],
"cve": "CVE-2025-22868",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-02-26T04:00:44.350024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "RHBZ#2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://go.dev/cl/652155",
"url": "https://go.dev/cl/652155"
},
{
"category": "external",
"summary": "https://go.dev/issue/71490",
"url": "https://go.dev/issue/71490"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3488",
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"release_date": "2025-02-26T03:07:49.012000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-12T15:04:37+00:00",
"details": "To learn more about Submariner, see https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.11/html/networking/networking#submariner.",
"product_ids": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:4810"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
"product_ids": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
},
{
"cve": "CVE-2025-30204",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-03-21T22:00:43.818367+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2354195"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang-jwt implementation of JSON Web Tokens (JWT). In affected versions, a malicious request with specially crafted Authorization header data may trigger an excessive consumption of resources on the host system. This issue can cause significant performance degradation or an application crash, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-30204"
},
{
"category": "external",
"summary": "RHBZ#2354195",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354195"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-30204",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30204"
},
{
"category": "external",
"summary": "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3",
"url": "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3"
},
{
"category": "external",
"summary": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp",
"url": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3553",
"url": "https://pkg.go.dev/vuln/GO-2025-3553"
}
],
"release_date": "2025-03-21T21:42:01.382000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-12T15:04:37+00:00",
"details": "To learn more about Submariner, see https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.11/html/networking/networking#submariner.",
"product_ids": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:4810"
},
{
"category": "workaround",
"details": "Red Hat Product Security does not have a recommended mitigation at this time.",
"product_ids": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…