{ "threat_severity" : "Important", "public_date" : "2026-01-21T19:05:28Z", "bugzilla" : { "description" : "lodash: prototype pollution in _.unset and _.omit functions", "id" : "2431740", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2431740" }, "cvss3" : { "cvss3_base_score" : "8.2", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "status" : "verified" }, "cwe" : "CWE-1321", "details" : [ "Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unset and _.omit functions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes.\nThe issue permits deletion of properties but does not allow overwriting their original behavior.\nThis issue is patched on 4.17.23", "A flaw was found in Lodash. A prototype pollution vulnerability in the _.unset and _.omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service." ], "statement" : "This issue is only exploitable by applications using the _.unset and _.omit functions on an object and allowing user input to determine the path of the property to be removed. This issue only allows the deletion of properties but does not allow overwriting their behavior, limiting the impact to a denial of service. Due to this reason, this vulnerability has been rated with an important severity.\nIn Grafana, JavaScript code runs only in the browser, while the server side is all Golang. Therefore, the worst-case scenario is a loss of functionality in the client application inside the browser. To reflect this, the CVSS availability metric and the severity of the Grafana and the Grafana-PCP component have been updated to low and moderate, respectively.\nThe lodash dependency is bundled and used by the pcs-web-ui component of the PCS package. In Red Hat Enterprise Linux 8.10, the pcs-web-ui component is no longer included in the PCS package. As a result, RHEL 8.10 does not ship the vulnerable lodash component within PCS and is therefore not-affected by this CVE.", "affected_release" : [ { "product_name" : "Cryostat 4 on RHEL 9", "release_date" : "2026-02-03T00:00:00Z", "advisory" : "RHSA-2026:1845", "cpe" : "cpe:/a:redhat:cryostat:4::el9", "package" : "cryostat/cryostat-openshift-console-plugin-rhel9:4.1.0-17" }, { "product_name" : "Cryostat 4 on RHEL 9", "release_date" : "2026-02-03T00:00:00Z", "advisory" : "RHSA-2026:1845", "cpe" : "cpe:/a:redhat:cryostat:4::el9", "package" : "cryostat/cryostat-rhel9:4.1.0-17" }, { "product_name" : "Red Hat Ansible Automation Platform 2.6 for RHEL 9", "release_date" : "2026-03-06T00:00:00Z", "advisory" : "RHSA-2026:3958", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2.6::el9", "package" : "automation-platform-ui-0:2.6.6-1.el9ap" }, { "product_name" : "Red Hat Data Grid 8.6.0", "release_date" : "2026-03-16T00:00:00Z", "advisory" : "RHSA-2026:4630", "cpe" : "cpe:/a:redhat:jboss_data_grid:8", "package" : "org.infinispan-infinispan-console" }, { "product_name" : "Red Hat Enterprise Linux 10", "release_date" : "2026-02-10T00:00:00Z", "advisory" : "RHSA-2026:2438", "cpe" : "cpe:/o:redhat:enterprise_linux:10.1", "package" : "pcs-0:0.12.1-1.el10_1.2" }, { "product_name" : "Red Hat Enterprise Linux 10.0 Extended Update Support", "release_date" : "2026-02-17T00:00:00Z", "advisory" : "RHSA-2026:2818", "cpe" : "cpe:/o:redhat:enterprise_linux_eus:10.0", "package" : "pcs-0:0.12.0-3.el10_0.4" }, { "product_name" : "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date" : "2026-02-10T00:00:00Z", "advisory" : "RHSA-2026:2462", "cpe" : "cpe:/a:redhat:rhel_aus:8.4::highavailability", "package" : "pcs-0:0.10.8-1.el8_4.10" }, { "product_name" : "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On", "release_date" : "2026-02-10T00:00:00Z", "advisory" : "RHSA-2026:2462", "cpe" : "cpe:/a:redhat:rhel_eus_long_life:8.4::highavailability", "package" : "pcs-0:0.10.8-1.el8_4.10" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date" : "2026-02-10T00:00:00Z", "advisory" : "RHSA-2026:2469", "cpe" : "cpe:/a:redhat:rhel_tus:8.6::highavailability", "package" : "pcs-0:0.10.12-6.el8_6.12" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date" : "2026-02-10T00:00:00Z", "advisory" : "RHSA-2026:2469", "cpe" : "cpe:/a:redhat:rhel_e4s:8.6::highavailability", "package" : "pcs-0:0.10.12-6.el8_6.12" }, { "product_name" : "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "release_date" : "2026-02-10T00:00:00Z", "advisory" : "RHSA-2026:2465", "cpe" : "cpe:/a:redhat:rhel_tus:8.8::highavailability", "package" : "pcs-0:0.10.15-4.el8_8.10" }, { "product_name" : "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "release_date" : "2026-02-10T00:00:00Z", "advisory" : "RHSA-2026:2465", "cpe" : "cpe:/a:redhat:rhel_e4s:8.8::highavailability", "package" : "pcs-0:0.10.15-4.el8_8.10" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2026-02-10T00:00:00Z", "advisory" : "RHSA-2026:2452", "cpe" : "cpe:/a:redhat:enterprise_linux:9::highavailability", "package" : "pcs-0:0.11.10-1.el9_7.2" }, { "product_name" : "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date" : "2026-02-10T00:00:00Z", "advisory" : "RHSA-2026:2484", "cpe" : "cpe:/a:redhat:rhel_e4s:9.0::highavailability", "package" : "pcs-0:0.11.1-10.el9_0.10" }, { "product_name" : "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "release_date" : "2026-02-17T00:00:00Z", "advisory" : "RHSA-2026:2819", "cpe" : "cpe:/a:redhat:rhel_e4s:9.2::highavailability", "package" : "pcs-0:0.11.4-7.el9_2.7" }, { "product_name" : "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date" : "2026-02-17T00:00:00Z", "advisory" : "RHSA-2026:2817", "cpe" : "cpe:/a:redhat:rhel_eus:9.4::highavailability", "package" : "pcs-0:0.11.7-2.el9_4.6" }, { "product_name" : "Red Hat Enterprise Linux 9.6 Extended Update Support", "release_date" : "2026-02-17T00:00:00Z", "advisory" : "RHSA-2026:2816", "cpe" : "cpe:/a:redhat:rhel_eus:9.6::highavailability", "package" : "pcs-0:0.11.9-2.el9_6.3" }, { "product_name" : "Cluster Observability Operator 1.4.0", "release_date" : "2026-03-17T00:00:00Z", "advisory" : "RHSA-2026:4782", "cpe" : "cpe:/a:redhat:cluster_observability_operator:1.4::el9", "package" : "cluster-observability-operator/monitoring-console-plugin-pf5-rhel9:sha256:31024b3e1833ac54dd9e6c9fbdabc6b7d17ee102e8297c1616b2ff278a4caeb2" }, { "product_name" : "Cluster Observability Operator 1.4.0", "release_date" : "2026-03-17T00:00:00Z", "advisory" : "RHSA-2026:4782", "cpe" : "cpe:/a:redhat:cluster_observability_operator:1.4::el9", "package" : "cluster-observability-operator/monitoring-console-plugin-rhel9:sha256:53aa89bc32226acfdab31be2bbc0fbf31293e48f77e4197ed0a34ddc648c55b7" }, { "product_name" : "multicluster engine for Kubernetes 2.7", "release_date" : "2026-03-24T00:00:00Z", "advisory" : "RHSA-2026:5636", "cpe" : "cpe:/a:redhat:multicluster_engine:2.7::el9", "package" : "multicluster-engine/console-mce-rhel9:sha256:2efa3dbf99e5be1f8eb4f169f5f2229b338fdf2d2c72b9c0b0da9392e612cc5f" }, { "product_name" : "Network Observability (NETOBSERV) 1.11.1", "release_date" : "2026-02-18T00:00:00Z", "advisory" : "RHSA-2026:2900", "cpe" : "cpe:/a:redhat:network_observ_optr:1.11::el9", "package" : "network-observability/network-observability-console-plugin-compat-rhel9:sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16" }, { "product_name" : "Network Observability (NETOBSERV) 1.11.1", "release_date" : "2026-02-18T00:00:00Z", "advisory" : "RHSA-2026:2900", "cpe" : "cpe:/a:redhat:network_observ_optr:1.11::el9", "package" : "network-observability/network-observability-console-plugin-rhel9:sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2" }, { "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2.12", "release_date" : "2026-03-24T00:00:00Z", "advisory" : "RHSA-2026:5633", "cpe" : "cpe:/a:redhat:acm:2.12::el9", "package" : "rhacm2/console-rhel9:sha256:0d6238ef864831d455a4a4b86d860469443079f6dcd26ce3b4fe546800565844" }, { "product_name" : "Red Hat Advanced Cluster Security 4.8", "release_date" : "2026-03-12T00:00:00Z", "advisory" : "RHSA-2026:4466", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.8::el8", "package" : "advanced-cluster-security/rhacs-main-rhel8:sha256:044d47930afa0388faad107510c8edfc20cf58e575fdb6a3052e98748b1f94fb" }, { "product_name" : "Red Hat Advanced Cluster Security for Kubernetes 4.9", "release_date" : "2026-03-12T00:00:00Z", "advisory" : "RHSA-2026:4467", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.9::el8", "package" : "advanced-cluster-security/rhacs-main-rhel8:sha256:669b38265ef149e2361e5eada1bee14e895da0de3e687358186e0095483e1897" }, { "product_name" : "Red Hat Ansible Automation Platform 2.5", "release_date" : "2026-03-06T00:00:00Z", "advisory" : "RHSA-2026:3962", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2.5::el8", "package" : "ansible-automation-platform-25/lightspeed-rhel8:sha256:069c671a4745f1059e48d1813e593fc33665d9c4c1e0b14c12a0ca3bc8d32080" }, { "product_name" : "Red Hat Ansible Automation Platform 2.6", "release_date" : "2026-03-06T00:00:00Z", "advisory" : "RHSA-2026:3960", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2.6::el9", "package" : "ansible-automation-platform-26/gateway-rhel9:sha256:2bf86b61c2f6e9cf292ce95553a6c5b15d0d6a91f11f68095dcbc0516134ba4e" }, { "product_name" : "Red Hat Ansible Automation Platform 2.6", "release_date" : "2026-03-06T00:00:00Z", "advisory" : "RHSA-2026:3960", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2.6::el9", "package" : "ansible-automation-platform-26/lightspeed-rhel9:sha256:0b6086acb5dc2c46ba74583bbe1b39f22317a386fa4b89b6f592dfe6e9e10511" }, { "product_name" : "Red Hat Developer Hub 1.8", "release_date" : "2026-02-12T00:00:00Z", "advisory" : "RHSA-2026:2675", "cpe" : "cpe:/a:redhat:rhdh:1.8::el9", "package" : "rhdh/rhdh-hub-rhel9:sha256:114b288483eccad70b18159c9f75de9c061bdf9ee269198a75c3efeb68a43a2b" }, { "product_name" : "Red Hat Discovery 2", "release_date" : "2026-02-12T00:00:00Z", "advisory" : "RHSA-2026:2694", "cpe" : "cpe:/a:redhat:discovery:2::el9", "package" : "discovery/discovery-ui-rhel9:sha256:2ff9787699ff67dab7ee6f300d84651233f499aac8aeee10bfe21381806393c4" }, { "product_name" : "Red Hat OpenShift AI 2.25", "release_date" : "2026-03-04T00:00:00Z", "advisory" : "RHSA-2026:3782", "cpe" : "cpe:/a:redhat:openshift_ai:2.25::el9", "package" : "rhoai/odh-dashboard-rhel9:sha256:4e2c38590e4d912df8cd3a0d459f05908b5ed568e11d31177d8c9b7326404f3e" }, { "product_name" : "Red Hat OpenShift AI 2.25", "release_date" : "2026-03-04T00:00:00Z", "advisory" : "RHSA-2026:3782", "cpe" : "cpe:/a:redhat:openshift_ai:2.25::el9", "package" : "rhoai/odh-mod-arch-model-registry-rhel9:sha256:20c12c45a2ae97fa8d6c7e6a118312746827cb7ca38153561cb57514f9d97548" }, { "product_name" : "Red Hat OpenShift Container Platform 4.12", "release_date" : "2026-03-12T00:00:00Z", "advisory" : "RHSA-2026:3870", "cpe" : "cpe:/a:redhat:openshift:4.12::el9", "package" : "openshift4/ose-console:sha256:735a1f869be25e1b0cd29e96bab37c92161e4448a469f50edaabf506dabf9e97" }, { "product_name" : "Red Hat OpenShift Container Platform 4.13", "release_date" : "2026-03-05T00:00:00Z", "advisory" : "RHSA-2026:3422", "cpe" : "cpe:/a:redhat:openshift:4.13::el9", "package" : "openshift4/ose-console:sha256:f7cea5db815cfb15ab3556d127623a6618b721c06960c6382121d0b1ca27aca7" }, { "product_name" : "Red Hat OpenShift Container Platform 4.14", "release_date" : "2026-02-26T00:00:00Z", "advisory" : "RHSA-2026:2990", "cpe" : "cpe:/a:redhat:openshift:4.14::el9", "package" : "openshift4/ose-console:sha256:027b3596835e02a412ab6cb19ae476a4d3987a90403a46abb039ffc2f1c775e7" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2026-03-19T00:00:00Z", "advisory" : "RHSA-2026:4423", "cpe" : "cpe:/a:redhat:openshift:4.15::el9", "package" : "openshift4/ose-console:sha256:6157e3d8005e359d5d1722636c2d8f57cbb386b8019dfb131e06a8df5bcf782e" }, { "product_name" : "Red Hat OpenShift Container Platform 4.16", "release_date" : "2026-02-18T00:00:00Z", "advisory" : "RHSA-2026:2661", "cpe" : "cpe:/a:redhat:openshift:4.16::el9", "package" : "openshift4/ose-console-rhel9:sha256:06a4acb5a7b97c5f66d70cc351f4636eda111bc81454308281567359ebe0e693" }, { "product_name" : "Red Hat OpenShift Container Platform 4.17", "release_date" : "2026-02-18T00:00:00Z", "advisory" : "RHSA-2026:2672", "cpe" : "cpe:/a:redhat:openshift:4.17::el9", "package" : "openshift4/ose-console-rhel9:sha256:386efda49ab6426feae521e6f91a39f70f145f679f4d3a7a739cbfa2d533382a" }, { "product_name" : "Red Hat OpenShift Container Platform 4.18", "release_date" : "2026-02-11T00:00:00Z", "advisory" : "RHSA-2026:2078", "cpe" : "cpe:/a:redhat:openshift:4.18::el9", "package" : "openshift4/ose-console-rhel9:sha256:021a72c14288397c9ca9420d686a259d2db81d00803bd406fdbbf9cf4d413c4b" }, { "product_name" : "Red Hat OpenShift Container Platform 4.19", "release_date" : "2026-02-18T00:00:00Z", "advisory" : "RHSA-2026:2651", "cpe" : "cpe:/a:redhat:openshift:4.19::el9", "package" : "openshift4/ose-console-rhel9:sha256:32bce855cacd75509e7ce535c64fa6fb6f4d73696c66100bd04ff48f7e4d65d2" }, { "product_name" : "Red Hat OpenShift Container Platform 4.2", "release_date" : "2026-02-11T00:00:00Z", "advisory" : "RHSA-2026:2119", "cpe" : "cpe:/a:redhat:openshift:4.20::el9", "package" : "openshift4/ose-console-rhel9:sha256:187d31363fb3f1ebec1b969346874f59e10663e22b94599a113590cd154721b0" }, { "product_name" : "Red Hat OpenShift Container Platform 4.21", "release_date" : "2026-02-24T00:00:00Z", "advisory" : "RHSA-2026:2984", "cpe" : "cpe:/a:redhat:openshift:4.21::el9", "package" : "openshift4/ose-monitoring-plugin-rhel9:sha256:4564e9fb26d47826ec57fecc43625b0ae15fbd314c0c634db48222aa2d5e4dda" }, { "product_name" : "Red Hat OpenShift Dev Spaces 3.27", "release_date" : "2026-03-30T00:00:00Z", "advisory" : "RHSA-2026:6192", "cpe" : "cpe:/a:redhat:openshift_devspaces:3.27::el9", "package" : "devspaces/code-rhel9:sha256:1033ffe714e728e289eddaa3809e9d21915de193813339fa5c049373e3e78719" }, { "product_name" : "Red Hat OpenShift Dev Spaces 3.27", "release_date" : "2026-03-30T00:00:00Z", "advisory" : "RHSA-2026:6192", "cpe" : "cpe:/a:redhat:openshift_devspaces:3.27::el9", "package" : "devspaces/dashboard-rhel9:sha256:272a65ee82a9484e1d4362a9f33b6cc1b0eb13d93e70b19cc3d0208f021c2bda" }, { "product_name" : "Red Hat OpenShift Dev Spaces 3.27", "release_date" : "2026-03-30T00:00:00Z", "advisory" : "RHSA-2026:6192", "cpe" : "cpe:/a:redhat:openshift_devspaces:3.27::el9", "package" : "devspaces/openvsx-rhel9:sha256:49ec7497195cc73b5ab71a31d84f4adba1068580f1b615a4918a6b9a614b8e1b" }, { "product_name" : "Red Hat OpenShift Dev Spaces 3.27", "release_date" : "2026-03-30T00:00:00Z", "advisory" : "RHSA-2026:6192", "cpe" : "cpe:/a:redhat:openshift_devspaces:3.27::el9", "package" : "devspaces/traefik-rhel9:sha256:12ae1997a6df944284ecfb3501138c25f1a39eba23b52685b48008174a6a363a" }, { "product_name" : "Red Hat OpenShift GitOps 1.17", "release_date" : "2026-03-05T00:00:00Z", "advisory" : "RHSA-2026:3869", "cpe" : "cpe:/a:redhat:openshift_gitops:1.17::el8", "package" : "openshift-gitops-1/console-plugin-rhel8:sha256:382872d09838547bd7b9416f5c800afb28c290e3a14109285da3ca2ff94a22af" }, { "product_name" : "Red Hat OpenShift GitOps 1.18", "release_date" : "2026-03-05T00:00:00Z", "advisory" : "RHSA-2026:3874", "cpe" : "cpe:/a:redhat:openshift_gitops:1.18::el8", "package" : "openshift-gitops-1/argocd-rhel9:sha256:2d36a79c3dc4ad8ae93f6c98463e7e044b24e4bd273c06f38bd026bd76abe9b5" }, { "product_name" : "Red Hat OpenShift GitOps 1.18", "release_date" : "2026-03-05T00:00:00Z", "advisory" : "RHSA-2026:3874", "cpe" : "cpe:/a:redhat:openshift_gitops:1.18::el8", "package" : "openshift-gitops-1/console-plugin-rhel8:sha256:67049777e7c82a5e07124c2b00508a2d343146db3126ee013faa9fbc7ea47458" }, { "product_name" : "Red Hat OpenShift GitOps 1.19", "release_date" : "2026-03-05T00:00:00Z", "advisory" : "RHSA-2026:3884", "cpe" : "cpe:/a:redhat:openshift_gitops:1.19::el8", "package" : "openshift-gitops-1/console-plugin-rhel8:sha256:4e2e35b6afc23e853e907050b82f405c6d207891728ff93b466066f99f970c64" }, { "product_name" : "Red Hat OpenShift Pipelines 1.15", "release_date" : "2026-03-04T00:00:00Z", "advisory" : "RHSA-2026:3710", "cpe" : "cpe:/a:redhat:openshift_pipelines:1.15::el8", "package" : "openshift-pipelines/pipelines-console-plugin-rhel8:sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793" }, { "product_name" : "Red Hat OpenShift Pipelines 1.15", "release_date" : "2026-03-04T00:00:00Z", "advisory" : "RHSA-2026:3712", "cpe" : "cpe:/a:redhat:openshift_pipelines:1.15::el8", "package" : "openshift-pipelines/pipelines-console-plugin-rhel8:sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793" }, { "product_name" : "Red Hat OpenShift Pipelines 1.2", "release_date" : "2026-03-05T00:00:00Z", "advisory" : "RHSA-2026:3825", "cpe" : "cpe:/a:redhat:openshift_pipelines:1.20::el9", "package" : "openshift-pipelines/pipelines-console-plugin-rhel9:sha256:120d93e1cf2a96bfa9d7745b88377651055ebe5595f68b7b4a4bb26f633e8611" }, { "product_name" : "Red Hat OpenShift Service Mesh 2.6", "release_date" : "2026-02-05T00:00:00Z", "advisory" : "RHSA-2026:2145", "cpe" : "cpe:/a:redhat:service_mesh:2.6::el8", "package" : "openshift-service-mesh/kiali-ossmc-rhel8:sha256:4e910b08863756516707f2ad8198c04dc6d706c78f481561a3b2e896800d4dbe" }, { "product_name" : "Red Hat OpenShift Service Mesh 2.6", "release_date" : "2026-02-05T00:00:00Z", "advisory" : "RHSA-2026:2145", "cpe" : "cpe:/a:redhat:service_mesh:2.6::el8", "package" : "openshift-service-mesh/kiali-rhel8:sha256:ad1449f9047107c23d5b0e53c3ca148a12a9729dd7aa474c5eadb55870f314fa" }, { "product_name" : "Red Hat OpenShift Service Mesh 3", "release_date" : "2026-02-05T00:00:00Z", "advisory" : "RHSA-2026:2147", "cpe" : "cpe:/a:redhat:service_mesh:3.0::el9", "package" : "openshift-service-mesh/kiali-ossmc-rhel9:sha256:19c44dfb277123122abafc25552fe408ea7ad6dc026aa592f53e3a754ca0a44f" }, { "product_name" : "Red Hat OpenShift Service Mesh 3", "release_date" : "2026-02-05T00:00:00Z", "advisory" : "RHSA-2026:2147", "cpe" : "cpe:/a:redhat:service_mesh:3.0::el9", "package" : "openshift-service-mesh/kiali-rhel9:sha256:527fd434b3b1f9b9304adbedd89a593ca347a84571a68c7935afe6aa207db49f" }, { "product_name" : "Red Hat OpenShift Service Mesh 3.1", "release_date" : "2026-02-05T00:00:00Z", "advisory" : "RHSA-2026:2148", "cpe" : "cpe:/a:redhat:service_mesh:3.1::el9", "package" : "openshift-service-mesh/kiali-ossmc-rhel9:sha256:82e36c47f867ced806082b44fe357e70b07c72c4258c16af5a14f56fc040b534" }, { "product_name" : "Red Hat OpenShift Service Mesh 3.1", "release_date" : "2026-02-05T00:00:00Z", "advisory" : "RHSA-2026:2148", "cpe" : "cpe:/a:redhat:service_mesh:3.1::el9", "package" : "openshift-service-mesh/kiali-rhel9:sha256:2cdf4960ec57c4971d2f9ce92b07686831e6f55e24c9b1a2831470f8da05b598" }, { "product_name" : "Red Hat OpenShift Service Mesh 3.2", "release_date" : "2026-02-05T00:00:00Z", "advisory" : "RHSA-2026:2149", "cpe" : "cpe:/a:redhat:service_mesh:3.2::el9", "package" : "openshift-service-mesh/kiali-ossmc-rhel9:sha256:700c2524c0def53bf8e5f7832c27496a3e9ff5c9d939d38c59a7fae167418e16" }, { "product_name" : "Red Hat OpenShift Service Mesh 3.2", "release_date" : "2026-02-05T00:00:00Z", "advisory" : "RHSA-2026:2149", "cpe" : "cpe:/a:redhat:service_mesh:3.2::el9", "package" : "openshift-service-mesh/kiali-rhel9:sha256:a97c82b48b920f1d3843d08dbe55d3759b237365e2b97501a640a1c0bd08d5ca" }, { "product_name" : "Red Hat Quay 3.16", "release_date" : "2026-04-02T00:00:00Z", "advisory" : "RHSA-2026:6497", "cpe" : "cpe:/a:redhat:quay:3.16::el9", "package" : "quay/quay-rhel9:sha256:0bc25ef16eabd14562b5c15b2f242558ace42865d416820420d669436d9d71ae" }, { "product_name" : "Red Hat Quay 3.16", "release_date" : "2026-04-03T00:00:00Z", "advisory" : "RHSA-2026:6567", "cpe" : "cpe:/a:redhat:quay:3.16::el9", "package" : "quay/quay-rhel9:sha256:5937639bb3bc4fd76c1dfa9d1550f8ab955a5d12b44794c076d127a5ba4d68a4" }, { "product_name" : "Red Hat Satellite 6.18", "release_date" : "2026-03-31T00:00:00Z", "advisory" : "RHSA-2026:6288", "cpe" : "cpe:/a:redhat:satellite:6.18::el9", "package" : "satellite/iop-remediations-rhel9:sha256:9e1aa62d0019dc33a52584e614a93edbc6111605ef0ed3cae0b9f900dbb9097e" }, { "product_name" : "Red Hat Trusted Artifact Signer 1.2", "release_date" : "2026-02-18T00:00:00Z", "advisory" : "RHSA-2026:2926", "cpe" : "cpe:/a:redhat:trusted_artifact_signer:1.2::el9", "package" : "rhtas/rekor-search-ui-rhel9:sha256:1e3a46ade52215e2c78df9229f36301c94099e8397ee74ab99fb8bd504ce7aa2" }, { "product_name" : "Red Hat Trusted Artifact Signer 1.3", "release_date" : "2026-02-23T00:00:00Z", "advisory" : "RHSA-2026:3087", "cpe" : "cpe:/a:redhat:trusted_artifact_signer:1.3::el9", "package" : "rhtas/rhtas-console-ui-rhel9:sha256:e7ee88dd498d337304db3d90f4f352e55114475dbc9d75c3b18a49a249492b1e" } ], "package_state" : [ { "product_name" : "Confidential Compute Attestation", "fix_state" : "Not affected", "package_name" : "openshift-sandboxed-containers/osc-pccs", "cpe" : "cpe:/a:redhat:confidential_compute_attestation:1" }, { "product_name" : "Gatekeeper 3", "fix_state" : "Not affected", "package_name" : "gatekeeper/gatekeeper-rhel9", "cpe" : "cpe:/a:redhat:gatekeeper:3" }, { "product_name" : "Logging Subsystem for Red Hat OpenShift", "fix_state" : "Will not fix", "package_name" : "openshift-logging/cluster-logging-operator-bundle", "cpe" : "cpe:/a:redhat:logging:5" }, { "product_name" : "Logging Subsystem for Red Hat OpenShift", "fix_state" : "Will not fix", "package_name" : "openshift-logging/cluster-logging-rhel9-operator", "cpe" : "cpe:/a:redhat:logging:5" }, { "product_name" : "Logging Subsystem for Red Hat OpenShift", "fix_state" : "Not affected", "package_name" : "openshift-logging/elasticsearch6-rhel9", "cpe" : "cpe:/a:redhat:logging:5" }, { "product_name" : "Logging Subsystem for Red Hat OpenShift", "fix_state" : "Not affected", "package_name" : "openshift-logging/elasticsearch-operator-bundle", "cpe" : "cpe:/a:redhat:logging:5" }, { "product_name" : "Logging Subsystem for Red Hat OpenShift", "fix_state" : "Not affected", "package_name" : "openshift-logging/elasticsearch-proxy-rhel9", "cpe" : "cpe:/a:redhat:logging:5" }, { "product_name" : "Logging Subsystem for Red Hat OpenShift", "fix_state" : "Not affected", "package_name" : "openshift-logging/elasticsearch-rhel9-operator", "cpe" : "cpe:/a:redhat:logging:5" }, { "product_name" : "Logging Subsystem for Red Hat OpenShift", "fix_state" : "Will not fix", "package_name" : "openshift-logging/eventrouter-rhel9", "cpe" : "cpe:/a:redhat:logging:5" }, { "product_name" : "Logging Subsystem for Red Hat OpenShift", "fix_state" : "Will not fix", "package_name" : "openshift-logging/fluentd-rhel9", "cpe" : "cpe:/a:redhat:logging:5" }, { "product_name" : "Logging Subsystem for Red Hat OpenShift", "fix_state" : "Not affected", "package_name" : "openshift-logging/kibana6-rhel8", "cpe" : "cpe:/a:redhat:logging:5" }, { "product_name" : "Logging Subsystem for Red Hat OpenShift", "fix_state" : "Will not fix", "package_name" : "openshift-logging/log-file-metric-exporter-rhel9", "cpe" : "cpe:/a:redhat:logging:5" }, { "product_name" : "Logging Subsystem for Red Hat OpenShift", "fix_state" : "Not affected", "package_name" : "openshift-logging/logging-curator5-rhel9", "cpe" : "cpe:/a:redhat:logging:5" }, { "product_name" : "Logging Subsystem for Red Hat OpenShift", "fix_state" : "Will not fix", "package_name" : "openshift-logging/logging-view-plugin-rhel9", "cpe" : "cpe:/a:redhat:logging:5" }, { "product_name" : "Logging Subsystem for Red Hat OpenShift", "fix_state" : "Will not fix", "package_name" : "openshift-logging/vector-rhel9", "cpe" : "cpe:/a:redhat:logging:5" }, { "product_name" : "Migration Toolkit for Applications 8", "fix_state" : "Affected", "package_name" : "mta/mta-ui-rhel9", "cpe" : "cpe:/a:redhat:migration_toolkit_applications:8" }, { "product_name" : "Migration Toolkit for Containers", "fix_state" : "Affected", "package_name" : "rhmtc/openshift-migration-ui-rhel8", "cpe" : "cpe:/a:redhat:rhmt:1" }, { "product_name" : "Migration Toolkit for Virtualization", "fix_state" : "Affected", "package_name" : "migration-toolkit-virtualization/mtv-console-plugin-rhel9", "cpe" : "cpe:/a:redhat:migration_toolkit_virtualization:2" }, { "product_name" : "Migration Toolkit for Virtualization", "fix_state" : "Will not fix", "package_name" : "mtv-candidate/mtv-console-plugin-rhel9", "cpe" : "cpe:/a:redhat:migration_toolkit_virtualization:2" }, { "product_name" : "Multicluster Engine for Kubernetes", "fix_state" : "Not affected", "package_name" : "multicluster-engine/console-mce-rhel8", "cpe" : "cpe:/a:redhat:multicluster_engine" }, { "product_name" : "Node HealthCheck Operator", "fix_state" : "Not affected", "package_name" : "workload-availability/node-healthcheck-must-gather-rhel9", "cpe" : "cpe:/a:redhat:workload_availability_nhc:0" }, { "product_name" : "Node HealthCheck Operator", "fix_state" : "Not affected", "package_name" : "workload-availability/node-healthcheck-operator-bundle", "cpe" : "cpe:/a:redhat:workload_availability_nhc:0" }, { "product_name" : "Node HealthCheck Operator", "fix_state" : "Not affected", "package_name" : "workload-availability/node-healthcheck-rhel9-operator", "cpe" : "cpe:/a:redhat:workload_availability_nhc:0" }, { "product_name" : "Node HealthCheck Operator", "fix_state" : "Affected", "package_name" : "workload-availability/node-remediation-console-rhel8", "cpe" : "cpe:/a:redhat:workload_availability_nhc:0" }, { "product_name" : "Node HealthCheck Operator", "fix_state" : "Affected", "package_name" : "workload-availability/node-remediation-console-rhel9", "cpe" : "cpe:/a:redhat:workload_availability_nhc:0" }, { "product_name" : "OpenShift Lightspeed", "fix_state" : "Affected", "package_name" : "openshift-lightspeed/lightspeed-console-plugin-pf5-rhel9", "cpe" : "cpe:/a:redhat:openshift_lightspeed" }, { "product_name" : "OpenShift Lightspeed", "fix_state" : "Affected", "package_name" : "openshift-lightspeed/lightspeed-console-plugin-rhel9", "cpe" : "cpe:/a:redhat:openshift_lightspeed" }, { "product_name" : "OpenShift Pipelines", "fix_state" : "Will not fix", "package_name" : "openshift-pipelines/pipelines-hub-api-rhel8", "cpe" : "cpe:/a:redhat:openshift_pipelines:1" }, { "product_name" : "OpenShift Pipelines", "fix_state" : "Will not fix", "package_name" : "openshift-pipelines/pipelines-hub-api-rhel9", "cpe" : "cpe:/a:redhat:openshift_pipelines:1" }, { "product_name" : "OpenShift Pipelines", "fix_state" : "Will not fix", "package_name" : "openshift-pipelines/pipelines-hub-db-migration-rhel8", "cpe" : "cpe:/a:redhat:openshift_pipelines:1" }, { "product_name" : "OpenShift Pipelines", "fix_state" : "Will not fix", "package_name" : "openshift-pipelines/pipelines-hub-db-migration-rhel9", "cpe" : "cpe:/a:redhat:openshift_pipelines:1" }, { "product_name" : "OpenShift Pipelines", "fix_state" : "Will not fix", "package_name" : "openshift-pipelines/pipelines-hub-ui-rhel8", "cpe" : "cpe:/a:redhat:openshift_pipelines:1" }, { "product_name" : "OpenShift Pipelines", "fix_state" : "Will not fix", "package_name" : "openshift-pipelines/pipelines-hub-ui-rhel9", "cpe" : "cpe:/a:redhat:openshift_pipelines:1" }, { "product_name" : "OpenShift Service Mesh 2", "fix_state" : "Not affected", "package_name" : "openshift-service-mesh/grafana-rhel8", "cpe" : "cpe:/a:redhat:service_mesh:2" }, { "product_name" : "OpenShift Service Mesh 2", "fix_state" : "Not affected", "package_name" : "openshift-service-mesh/istio-cni-rhel8", "cpe" : "cpe:/a:redhat:service_mesh:2" }, { "product_name" : "OpenShift Service Mesh 2", "fix_state" : "Not affected", "package_name" : "openshift-service-mesh/istio-must-gather-rhel9", "cpe" : "cpe:/a:redhat:service_mesh:2" }, { "product_name" : "OpenShift Service Mesh 2", "fix_state" : "Not affected", "package_name" : "openshift-service-mesh/istio-operator-bundle", "cpe" : "cpe:/a:redhat:service_mesh:2" }, { "product_name" : "OpenShift Service Mesh 2", "fix_state" : "Not affected", "package_name" : "openshift-service-mesh/istio-rhel8-operator", "cpe" : "cpe:/a:redhat:service_mesh:2" }, { "product_name" : "OpenShift Service Mesh 2", "fix_state" : "Not affected", "package_name" : "openshift-service-mesh/pilot-rhel8", "cpe" : "cpe:/a:redhat:service_mesh:2" }, { "product_name" : "OpenShift Service Mesh 2", "fix_state" : "Not affected", "package_name" : "openshift-service-mesh/proxyv2-rhel9", "cpe" : "cpe:/a:redhat:service_mesh:2" }, { "product_name" : "OpenShift Service Mesh 2", "fix_state" : "Not affected", "package_name" : "openshift-service-mesh/ratelimit-rhel8", "cpe" : "cpe:/a:redhat:service_mesh:2" }, { "product_name" : "OpenShift Service Mesh 3", "fix_state" : "Not affected", "package_name" : "openshift-service-mesh/kiali-operator-bundle", "cpe" : "cpe:/a:redhat:service_mesh:3" }, { "product_name" : "OpenShift Service Mesh 3", "fix_state" : "Not affected", "package_name" : "openshift-service-mesh/kiali-rhel9-operator", "cpe" : "cpe:/a:redhat:service_mesh:3" }, { "product_name" : "Red Hat 3scale API Management Platform 2", "fix_state" : "Will not fix", "package_name" : "3scale-amp20/system", "cpe" : "cpe:/a:redhat:red_hat_3scale_amp:2" }, { "product_name" : "Red Hat 3scale API Management Platform 2", "fix_state" : "Will not fix", "package_name" : "3scale-amp21/system", "cpe" : "cpe:/a:redhat:red_hat_3scale_amp:2" }, { "product_name" : "Red Hat 3scale API Management Platform 2", "fix_state" : "Will not fix", "package_name" : "3scale-amp22/system", "cpe" : "cpe:/a:redhat:red_hat_3scale_amp:2" }, { "product_name" : "Red Hat 3scale API Management Platform 2", "fix_state" : "Will not fix", "package_name" : "3scale-amp24/system", "cpe" : "cpe:/a:redhat:red_hat_3scale_amp:2" }, { "product_name" : "Red Hat 3scale API Management Platform 2", "fix_state" : "Will not fix", "package_name" : "3scale-amp25/system", "cpe" : "cpe:/a:redhat:red_hat_3scale_amp:2" }, { "product_name" : "Red Hat 3scale API Management Platform 2", "fix_state" : "Will not fix", "package_name" : "3scale-amp26/system", "cpe" : "cpe:/a:redhat:red_hat_3scale_amp:2" }, { "product_name" : "Red Hat 3scale API Management Platform 2", "fix_state" : "Will not fix", "package_name" : "3scale-amp2/system-rhel7", "cpe" : "cpe:/a:redhat:red_hat_3scale_amp:2" }, { "product_name" : "Red Hat 3scale API Management Platform 2", "fix_state" : "Affected", "package_name" : "3scale-amp2/system-rhel8", "cpe" : "cpe:/a:redhat:red_hat_3scale_amp:2" }, { "product_name" : "Red Hat 3scale API Management Platform 2", "fix_state" : "Affected", "package_name" : "3scale-amp2/system-rhel9", "cpe" : "cpe:/a:redhat:red_hat_3scale_amp:2" }, { "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2", "fix_state" : "Affected", "package_name" : "rhacm2/acm-grafana-rhel9", "cpe" : "cpe:/a:redhat:acm:2" }, { "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2", "fix_state" : "Affected", "package_name" : "rhacm2/prometheus-rhel9", "cpe" : "cpe:/a:redhat:acm:2" }, { "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2", "fix_state" : "Affected", "package_name" : "rhacm2/thanos-rhel9", "cpe" : "cpe:/a:redhat:acm:2" }, { "product_name" : "Red Hat Advanced Cluster Security 4", "fix_state" : "Not affected", "package_name" : "advanced-cluster-security/rhacs-central-db-rhel8", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4" }, { "product_name" : "Red Hat Advanced Cluster Security 4", "fix_state" : "Not affected", "package_name" : "advanced-cluster-security/rhacs-rhel8-operator", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4" }, { "product_name" : "Red Hat Advanced Cluster Security 4", "fix_state" : "Not affected", "package_name" : "advanced-cluster-security/rhacs-roxctl-rhel8", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4" }, { "product_name" : "Red Hat Advanced Cluster Security 4", "fix_state" : "Not affected", "package_name" : "advanced-cluster-security/rhacs-scanner-v4-db-rhel8", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4" }, { "product_name" : "Red Hat Advanced Cluster Security 4", "fix_state" : "Not affected", "package_name" : "advanced-cluster-security/rhacs-scanner-v4-rhel8", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Will not fix", "package_name" : "ansible-automation-platform-25/aap-cloud-ui-rhel8", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Affected", "package_name" : "ansible-automation-platform-tech-preview/automation-dashboard-rhel9", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Affected", "package_name" : "ansible-on-clouds/aoc-azure-aap-installer-rhel9", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "automation-controller", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "automation-eda-controller", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "automation-gateway", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Will not fix", "package_name" : "automation-hub", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Will not fix", "package_name" : "python3.11-galaxy-ng", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Will not fix", "package_name" : "python3x-galaxy-ng", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Will not fix", "package_name" : "python-galaxy-ng", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat build of Apache Camel - HawtIO 4", "fix_state" : "Affected", "package_name" : "io.hawt-project", "cpe" : "cpe:/a:redhat:apache_camel_hawtio:4" }, { "product_name" : "Red Hat build of Apicurio Registry 2", "fix_state" : "Affected", "package_name" : "io.apicurio-apicurio-registry", "cpe" : "cpe:/a:redhat:service_registry:2" }, { "product_name" : "Red Hat build of OptaPlanner 8", "fix_state" : "Affected", "package_name" : "org.optaweb.vehiclerouting-optaweb-vehicle-routing", "cpe" : "cpe:/a:redhat:optaplanner:::el6" }, { "product_name" : "Red Hat Ceph Storage 4", "fix_state" : "Affected", "package_name" : "ceph", "cpe" : "cpe:/a:redhat:ceph_storage:4" }, { "product_name" : "Red Hat Ceph Storage 5", "fix_state" : "Affected", "package_name" : "ceph", "cpe" : "cpe:/a:redhat:ceph_storage:5" }, { "product_name" : "Red Hat Ceph Storage 6", "fix_state" : "Affected", "package_name" : "ceph", "cpe" : "cpe:/a:redhat:ceph_storage:6" }, { "product_name" : "Red Hat Ceph Storage 7", "fix_state" : "Affected", "package_name" : "ceph", "cpe" : "cpe:/a:redhat:ceph_storage:7" }, { "product_name" : "Red Hat Ceph Storage 8", "fix_state" : "Affected", "package_name" : "ceph", "cpe" : "cpe:/a:redhat:ceph_storage:8" }, { "product_name" : "Red Hat Connectivity Link 1", "fix_state" : "Affected", "package_name" : "rhcl-1/rhcl-console-plugin-rhel9", "cpe" : "cpe:/a:redhat:connectivity_link:1" }, { "product_name" : "Red Hat Directory Server 11", "fix_state" : "Not affected", "package_name" : "redhat-ds:11/389-ds-base", "cpe" : "cpe:/a:redhat:directory_server:11" }, { "product_name" : "Red Hat Directory Server 12", "fix_state" : "Not affected", "package_name" : "redhat-ds:12/389-ds-base", "cpe" : "cpe:/a:redhat:directory_server:12" }, { "product_name" : "Red Hat Directory Server 13", "fix_state" : "Not affected", "package_name" : "389-ds-base", "cpe" : "cpe:/a:redhat:directory_server:13" }, { "product_name" : "Red Hat Edge Manager 1", "fix_state" : "Affected", "package_name" : "rhem/flightctl-ui-ocp-rhel9", "cpe" : "cpe:/a:redhat:edge_manager:1" }, { "product_name" : "Red Hat Edge Manager 1", "fix_state" : "Affected", "package_name" : "rhem/flightctl-ui-rhel9", "cpe" : "cpe:/a:redhat:edge_manager:1" }, { "product_name" : "Red Hat Edge Manager preview", "fix_state" : "Will not fix", "package_name" : "rhem/flightctl-alert-exporter-rhel9", "cpe" : "cpe:/a:redhat:edge_manager:0" }, { "product_name" : "Red Hat Edge Manager preview", "fix_state" : "Will not fix", "package_name" : "rhem/flightctl-alertmanager-proxy-rhel9", "cpe" : "cpe:/a:redhat:edge_manager:0" }, { "product_name" : "Red Hat Edge Manager preview", "fix_state" : "Will not fix", "package_name" : "rhem/flightctl-api-rhel9", "cpe" : "cpe:/a:redhat:edge_manager:0" }, { "product_name" : "Red Hat Edge Manager preview", "fix_state" : "Will not fix", "package_name" : "rhem/flightctl-cli-artifacts-rhel9", "cpe" : "cpe:/a:redhat:edge_manager:0" }, { "product_name" : "Red Hat Edge Manager preview", "fix_state" : "Will not fix", "package_name" : "rhem/flightctl-db-setup-rhel9", "cpe" : "cpe:/a:redhat:edge_manager:0" }, { "product_name" : "Red Hat Edge Manager preview", "fix_state" : "Will not fix", "package_name" : "rhem/flightctl-periodic-rhel9", "cpe" : "cpe:/a:redhat:edge_manager:0" }, { "product_name" : "Red Hat Edge Manager preview", "fix_state" : "Will not fix", "package_name" : "rhem/flightctl-telemetry-gateway-rhel9", "cpe" : "cpe:/a:redhat:edge_manager:0" }, { "product_name" : "Red Hat Edge Manager preview", "fix_state" : "Will not fix", "package_name" : "rhem/flightctl-ui-ocp-rhel9", "cpe" : "cpe:/a:redhat:edge_manager:0" }, { "product_name" : "Red Hat Edge Manager preview", "fix_state" : "Will not fix", "package_name" : "rhem/flightctl-ui-rhel9", "cpe" : "cpe:/a:redhat:edge_manager:0" }, { "product_name" : "Red Hat Edge Manager preview", "fix_state" : "Will not fix", "package_name" : "rhem/flightctl-userinfo-proxy-rhel9", "cpe" : "cpe:/a:redhat:edge_manager:0" }, { "product_name" : "Red Hat Edge Manager preview", "fix_state" : "Will not fix", "package_name" : "rhem/flightctl-worker-rhel9", "cpe" : "cpe:/a:redhat:edge_manager:0" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Affected", "package_name" : "ceph", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Affected", "package_name" : "cockpit", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Affected", "package_name" : "cockpit-files", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Affected", "package_name" : "cockpit-image-builder", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Affected", "package_name" : "cockpit-machines", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Affected", "package_name" : "cockpit-podman", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "cockpit-session-recording", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "firefox", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Will not fix", "package_name" : "gjs", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Will not fix", "package_name" : "grafana", "cpe" : "cpe:/o:redhat:enterprise_linux:10", "impact" : "moderate" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Will not fix", "package_name" : "grafana-pcp", "cpe" : "cpe:/o:redhat:enterprise_linux:10", "impact" : "moderate" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "ipa", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Affected", "package_name" : "linux-sgx", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "qt6-qtbase", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Affected", "package_name" : "subscription-manager-cockpit", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "thunderbird", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Not affected", "package_name" : "firefox", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "cockpit", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Affected", "package_name" : "cockpit-appstream", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "container-tools:rhel8/cockpit-podman", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "firefox", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Will not fix", "package_name" : "grafana", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "impact" : "moderate" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Will not fix", "package_name" : "grafana-pcp", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "impact" : "moderate" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Will not fix", "package_name" : "mozjs60", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Affected", "package_name" : "pcs", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "qt5-qtbase", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "thunderbird", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Affected", "package_name" : "ceph", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Affected", "package_name" : "cockpit", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Affected", "package_name" : "cockpit-files", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Affected", "package_name" : "cockpit-machines", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Affected", "package_name" : "cockpit-podman", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "firefox", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Will not fix", "package_name" : "gjs", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Will not fix", "package_name" : "grafana", "cpe" : "cpe:/o:redhat:enterprise_linux:9", "impact" : "moderate" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Will not fix", "package_name" : "grafana-pcp", "cpe" : "cpe:/o:redhat:enterprise_linux:9", "impact" : "moderate" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "ipa", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Affected", "package_name" : "linux-sgx", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "polkit", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "qt5-qtbase", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Affected", "package_name" : "subscription-manager-cockpit", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Will not fix", "package_name" : "thunderbird", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux AI (RHEL AI) 3", "fix_state" : "Affected", "package_name" : "rhelai3/bootc-cuda-rhel9", "cpe" : "cpe:/a:redhat:enterprise_linux_ai:3" }, { "product_name" : "Red Hat Enterprise Linux AI (RHEL AI) 3", "fix_state" : "Affected", "package_name" : "rhelai3/disk-image-cuda-rhel9", "cpe" : "cpe:/a:redhat:enterprise_linux_ai:3" }, { "product_name" : "Red Hat Fuse 7", "fix_state" : "Will not fix", "package_name" : "io.apicurio-apicurito", "cpe" : "cpe:/a:redhat:jboss_fuse:7" }, { "product_name" : "Red Hat Fuse 7", "fix_state" : "Will not fix", "package_name" : "io.hawt-hawtio-integration", "cpe" : "cpe:/a:redhat:jboss_fuse:7" }, { "product_name" : "Red Hat Fuse 7", "fix_state" : "Will not fix", "package_name" : "io.hawt-hawtio-online", "cpe" : "cpe:/a:redhat:jboss_fuse:7" }, { "product_name" : "Red Hat Fuse 7", "fix_state" : "Not affected", "package_name" : "io.hawt-project", "cpe" : "cpe:/a:redhat:jboss_fuse:7" }, { "product_name" : "Red Hat Fuse 7", "fix_state" : "Will not fix", "package_name" : "io.syndesis-syndesis-parent", "cpe" : "cpe:/a:redhat:jboss_fuse:7" }, { "product_name" : "Red Hat Fuse 7", "fix_state" : "Will not fix", "package_name" : "io.syndesis-syndesis-ui", "cpe" : "cpe:/a:redhat:jboss_fuse:7" }, { "product_name" : "Red Hat Fuse 7", "fix_state" : "Will not fix", "package_name" : "lodash-es", "cpe" : "cpe:/a:redhat:jboss_fuse:7" }, { "product_name" : "Red Hat Hardened Images 1", "fix_state" : "Not affected", "package_name" : "yarnpkg", "cpe" : "cpe:/a:redhat:hummingbird:1" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7", "fix_state" : "Not affected", "package_name" : "io.hawt-project", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7", "fix_state" : "Not affected", "package_name" : "org.jboss.hal-hal-parent", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8", "fix_state" : "Not affected", "package_name" : "io.hawt-project", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8", "fix_state" : "Not affected", "package_name" : "io.smallrye-smallrye-open-api-parent", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8", "fix_state" : "Not affected", "package_name" : "org.keycloak-keycloak-parent", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform Expansion Pack", "fix_state" : "Not affected", "package_name" : "io.hawt-project", "cpe" : "cpe:/a:redhat:jbosseapxp" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform Expansion Pack", "fix_state" : "Not affected", "package_name" : "io.smallrye-smallrye-open-api-parent", "cpe" : "cpe:/a:redhat:jbosseapxp" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform Expansion Pack", "fix_state" : "Not affected", "package_name" : "org.keycloak-keycloak-parent", "cpe" : "cpe:/a:redhat:jbosseapxp" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-dashboard-rhel8", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-data-science-pipelines-argo-argoexec-rhel8", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-kf-notebook-controller-rhel8", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-mod-arch-gen-ai-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-model-registry-rhel8", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-notebook-controller-rhel8", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Affected", "package_name" : "openshift4/nmstate-console-plugin-rhel9", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Affected", "package_name" : "openshift4/ose-agent-installer-ui-rhel9", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Affected", "package_name" : "openshift4/ose-monitoring-plugin-rhel8", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Affected", "package_name" : "openshift4/ose-networking-console-plugin-rhel9", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Affected", "package_name" : "odf4/mcg-core-rhel9", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Affected", "package_name" : "odf4/ocs-client-console-rhel9", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Affected", "package_name" : "odf4/odf-console-rhel9", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Not affected", "package_name" : "odf4/odf-multicluster-console-rhel9", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat OpenShift Dev Spaces", "fix_state" : "Not affected", "package_name" : "devspaces/code-sshd-rhel9", "cpe" : "cpe:/a:redhat:openshift_devspaces:3" }, { "product_name" : "Red Hat OpenShift Dev Spaces", "fix_state" : "Not affected", "package_name" : "devspaces-tech-preview/idea-rhel9", "cpe" : "cpe:/a:redhat:openshift_devspaces:3" }, { "product_name" : "Red Hat OpenShift distributed tracing 3", "fix_state" : "Affected", "package_name" : "rhosdt/tempo-jaeger-query-rhel8", "cpe" : "cpe:/a:redhat:openshift_distributed_tracing:3" }, { "product_name" : "Red Hat OpenShift GitOps", "fix_state" : "Affected", "package_name" : "openshift-gitops-1/argocd-rhel8", "cpe" : "cpe:/a:redhat:openshift_gitops:1" }, { "product_name" : "Red Hat OpenShift GitOps", "fix_state" : "Will not fix", "package_name" : "openshift-gitops-1/argo-rollouts-rhel8", "cpe" : "cpe:/a:redhat:openshift_gitops:1" }, { "product_name" : "Red Hat OpenShift GitOps", "fix_state" : "Will not fix", "package_name" : "openshift-gitops-1/gitops-operator-bundle", "cpe" : "cpe:/a:redhat:openshift_gitops:1" }, { "product_name" : "Red Hat OpenShift Virtualization 4", "fix_state" : "Affected", "package_name" : "container-native-virtualization/kubevirt-console-plugin", "cpe" : "cpe:/a:redhat:container_native_virtualization:4" }, { "product_name" : "Red Hat OpenShift Virtualization 4", "fix_state" : "Affected", "package_name" : "container-native-virtualization/kubevirt-console-plugin-rhel9", "cpe" : "cpe:/a:redhat:container_native_virtualization:4" }, { "product_name" : "Red Hat Process Automation 7", "fix_state" : "Affected", "package_name" : "org.kie-process-migration-service", "cpe" : "cpe:/a:redhat:jboss_enterprise_bpms_platform:7" }, { "product_name" : "Red Hat Process Automation 7", "fix_state" : "Not affected", "package_name" : "org.kie.workbench-kie-wb-common", "cpe" : "cpe:/a:redhat:jboss_enterprise_bpms_platform:7" }, { "product_name" : "Red Hat Process Automation 7", "fix_state" : "Not affected", "package_name" : "org.uberfire-uberfire-parent", "cpe" : "cpe:/a:redhat:jboss_enterprise_bpms_platform:7" }, { "product_name" : "Red Hat Quay 3", "fix_state" : "Not affected", "package_name" : "quay/quay-rhel8", "cpe" : "cpe:/a:redhat:quay:3" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Affected", "package_name" : "nodejs-babel-plugin-transform-class-properties", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Affected", "package_name" : "nodejs-babel-preset-env", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Affected", "package_name" : "nodejs-babel-preset-react", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Affected", "package_name" : "nodejs-formik", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Affected", "package_name" : "nodejs-openshift-dynamic-plugin-sdk", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Affected", "package_name" : "nodejs-patternfly-react", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Affected", "package_name" : "nodejs-patternfly-react-charts", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Affected", "package_name" : "nodejs-patternfly-react-extensions", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Affected", "package_name" : "nodejs-yup", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Affected", "package_name" : "satellite/iop-advisor-frontend-rhel9", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Affected", "package_name" : "satellite/iop-host-inventory-frontend-rhel9", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Affected", "package_name" : "satellite/iop-vulnerability-frontend-rhel9", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Single Sign-On 7", "fix_state" : "Will not fix", "package_name" : "org.keycloak-keycloak-parent", "cpe" : "cpe:/a:redhat:red_hat_single_sign_on:7" }, { "product_name" : "Red Hat Trusted Profile Analyzer", "fix_state" : "Affected", "package_name" : "rhtpa/rhtpa-trustification-service-rhel9", "cpe" : "cpe:/a:redhat:trusted_profile_analyzer:2" }, { "product_name" : "streams for Apache Kafka 2", "fix_state" : "Affected", "package_name" : "com.github.streamshub-console", "cpe" : "cpe:/a:redhat:amq_streams:2" }, { "product_name" : "streams for Apache Kafka 3", "fix_state" : "Affected", "package_name" : "com.github.streamshub-console", "cpe" : "cpe:/a:redhat:amq_streams:3" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2025-13465\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-13465\nhttps://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg" ], "name" : "CVE-2025-13465", "mitigation" : { "value" : "To mitigate this issue, implement strict input validation before passing any property paths to the _.unset and _.omit functions to block attempts to access the prototype chain. Ensure that strings like __proto__, constructor and prototype are blocked, for example.", "lang" : "en:us" }, "csaw" : false }