CVE-2025-61729

high

Published 2026-01-21 · Modified 2026-03-10

CVSS v3

—

CVSS v2

—

VIR risk

8.0

Description

Important: osbuild-composer security update

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2026-3753.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2026-2920.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2433242

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2026-3337.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2434431

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2026-3928.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2026-3839.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2026-3341.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2026-3340.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2026-3298.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2026-3291.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2026-3040.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2026-18913.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2437111

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2434432

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2026-3428.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2418900

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2268022

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2026:3428

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2026-1908.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2026-0923.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2026-2323.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2026:2323

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2026-2124.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2026:2124

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2026-1518.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2026:1518

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2026-1344.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2026:1344

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2026-0921.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2418462

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2026:0921

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2026:0923

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2026:1908

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2026:2920

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2026:3040

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2026:3341

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2026:3340

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2026:3291

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2026:3337

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2026:3298

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2026:3928

vendor Authored 2026-05-27

Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2025-61729.html

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2025-61729

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2026:4901

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2026:3928

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2026:3839

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2026:3753

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2026:3341

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2026:3340

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2026:3337

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2026:3298

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2026:3291

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2026:3040

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2026:2920

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2026:1908

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2026:18913

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2026:0923

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2026:0921

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2026:1344

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2026:1518

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2026:2323

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2026:3428

Mitigation details

Source: Red Hat Errata — Red Hat Inc. · View original ↗ · Open-Errata-API

Description crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVSS v3: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) Errata / fixed releases ProductPackageAdvisoryReleased Cryostat 4 on RHEL 9cryostat/cryostat-grafana-dashboard-rhel9:4.1.0-17RHSA-2026:18452026-02-03T00:00:00Z Cryostat 4 on RHEL…

Description

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

CVSS v3: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Errata / fixed releases

Product	Package	Advisory	Released
Cryostat 4 on RHEL 9	`cryostat/cryostat-grafana-dashboard-rhel9:4.1.0-17`	RHSA-2026:1845	2026-02-03T00:00:00Z
Cryostat 4 on RHEL 9	`cryostat/cryostat-rhel9-operator:4.1.0-22`	RHSA-2026:1845	2026-02-03T00:00:00Z
Cryostat 4 on RHEL 9	`cryostat/cryostat-storage-rhel9:4.1.0-22`	RHSA-2026:1845	2026-02-03T00:00:00Z
HawtIO HawtIO 4.3.1	`hawtio-operator-container`	RHSA-2026:7942	2026-04-13T00:00:00Z
Red Hat Ansible Automation Platform 2.4 for RHEL 8	`receptor-0:1.6.3-1.el8ap`	RHSA-2026:1497	2026-01-28T00:00:00Z
Red Hat Ansible Automation Platform 2.4 for RHEL 9	`receptor-0:1.6.3-1.el9ap`	RHSA-2026:1497	2026-01-28T00:00:00Z
Red Hat Ansible Automation Platform 2.5 for RHEL 8	`receptor-0:1.6.3-1.el8ap`	RHSA-2026:1506	2026-01-28T00:00:00Z
Red Hat Ansible Automation Platform 2.5 for RHEL 9	`receptor-0:1.6.3-1.el9ap`	RHSA-2026:1506	2026-01-28T00:00:00Z
Red Hat Ansible Automation Platform 2.6 for RHEL 10	`receptor-0:1.6.3-2.el10ap`	RHSA-2026:1249	2026-01-26T00:00:00Z
Red Hat Ansible Automation Platform 2.6 for RHEL 9	`receptor-0:1.6.3-2.el9ap`	RHSA-2026:1249	2026-01-26T00:00:00Z
Red Hat Ceph Storage 7.1	`ceph-2:18.2.1-381.el8cp`	RHSA-2026:2769	2026-02-17T00:00:00Z
Red Hat Enterprise Linux 10	`golang-0:1.25.5-1.el10_1`	RHSA-2026:0922	2026-01-21T00:00:00Z
Red Hat Enterprise Linux 10	`golang-github-openprinting-ipp-usb-0:0.9.27-4.el10_1`	RHSA-2026:1715	2026-02-02T00:00:00Z
Red Hat Enterprise Linux 10	`opentelemetry-collector-0:0.135.0-3.el10_1`	RHSA-2026:1907	2026-02-04T00:00:00Z
Red Hat Enterprise Linux 10	`grafana-0:10.2.6-22.el10_1`	RHSA-2026:2914	2026-02-18T00:00:00Z
Red Hat Enterprise Linux 10	`grafana-pcp-0:5.3.0-2.el10_1`	RHSA-2026:3035	2026-02-23T00:00:00Z
Red Hat Enterprise Linux 10	`buildah-2:1.41.8-2.el10_1`	RHSA-2026:3297	2026-02-25T00:00:00Z
Red Hat Enterprise Linux 10	`podman-7:5.6.0-12.el10_1`	RHSA-2026:3336	2026-02-25T00:00:00Z
Red Hat Enterprise Linux 10	`skopeo-2:1.20.0-3.el10_1`	RHSA-2026:3343	2026-02-25T00:00:00Z
Red Hat Enterprise Linux 10	`osbuild-composer-0:149-5.el10_1`	RHSA-2026:3752	2026-03-04T00:00:00Z
Red Hat Enterprise Linux 10	`image-builder-0:31-4.el10_1`	RHSA-2026:3840	2026-03-05T00:00:00Z
Red Hat Enterprise Linux 10	`delve-0:1.25.2-2.el10_1`	RHSA-2026:3864	2026-03-05T00:00:00Z
Red Hat Enterprise Linux 10	`rhc-worker-playbook-0:0.2.3-3.el10_1`	RHSA-2026:3971	2026-03-09T00:00:00Z
Red Hat Enterprise Linux 10	`git-lfs-0:3.6.1-7.el10_1`	RHSA-2026:4164	2026-03-10T00:00:00Z
Red Hat Enterprise Linux 10	`rhc-1:0.3.4-2.el10_1`	RHSA-2026:4892	2026-03-18T00:00:00Z
Red Hat Enterprise Linux 10	`yggdrasil-0:0.4.8-3.el10_1`	RHSA-2026:5146	2026-03-19T00:00:00Z
Red Hat Enterprise Linux 10	`delve-0:1.26.1-1.el10_2`	RHSA-2026:19013	2026-05-19T00:00:00Z
Red Hat Enterprise Linux 10.0 Extended Update Support	`buildah-2:1.39.8-1.el10_0`	RHSA-2026:14868	2026-05-07T00:00:00Z
Red Hat Enterprise Linux 10.0 Extended Update Support	`skopeo-2:1.18.1-3.el10_0.1`	RHSA-2026:16696	2026-05-13T00:00:00Z
Red Hat Enterprise Linux 10.0 Extended Update Support	`podman-6:5.4.0-15.el10_0.1`	RHSA-2026:17040	2026-05-13T00:00:00Z
Red Hat Enterprise Linux 10.0 Extended Update Support	`gvisor-tap-vsock-6:0.8.5-2.el10_0.1`	RHSA-2026:17084	2026-05-13T00:00:00Z
Red Hat Enterprise Linux 10.0 Extended Update Support	`golang-0:1.25.5-1.el10_0`	RHSA-2026:1814	2026-02-03T00:00:00Z
Red Hat Enterprise Linux 10.0 Extended Update Support	`golang-github-openprinting-ipp-usb-0:0.9.27-3.el10_0.1`	RHSA-2026:2265	2026-02-09T00:00:00Z
Red Hat Enterprise Linux 10.0 Extended Update Support	`opentelemetry-collector-0:0.135.0-3.el10_0`	RHSA-2026:3288	2026-02-25T00:00:00Z
Red Hat Enterprise Linux 10.0 Extended Update Support	`yggdrasil-0:0.4.7-2.el10_0`	RHSA-2026:3506	2026-03-02T00:00:00Z
Red Hat Enterprise Linux 10.0 Extended Update Support	`grafana-pcp-0:5.2.2-4.el10_0`	RHSA-2026:3816	2026-03-05T00:00:00Z
Red Hat Enterprise Linux 10.0 Extended Update Support	`grafana-0:10.2.6-21.el10_0`	RHSA-2026:3831	2026-03-05T00:00:00Z
Red Hat Enterprise Linux 10.0 Extended Update Support	`delve-0:1.25.2-2.el10_0`	RHSA-2026:3843	2026-03-05T00:00:00Z
Red Hat Enterprise Linux 10.0 Extended Update Support	`rhc-worker-playbook-0:0.2.3-3.el10_0`	RHSA-2026:3970	2026-03-09T00:00:00Z
Red Hat Enterprise Linux 10.0 Extended Update Support	`git-lfs-0:3.6.1-2.el10_0.2`	RHSA-2026:4166	2026-03-10T00:00:00Z
Red Hat Enterprise Linux 10.0 Extended Update Support	`rhc-1:0.3.2-2.el10_0`	RHSA-2026:4907	2026-03-18T00:00:00Z
Red Hat Enterprise Linux 10.0 Extended Update Support	`osbuild-composer-0:134.1-5.el10_0`	RHSA-2026:5852	2026-03-26T00:00:00Z
Red Hat Enterprise Linux 7 Extended Lifecycle Support	`rhc-1:0.2.4-3.el7_9`	RHSA-2026:7676	2026-04-13T00:00:00Z
Red Hat Enterprise Linux 8	`go-toolset:rhel8-8100020260119042017.a3795dee`	RHSA-2026:0921	2026-01-21T00:00:00Z
Red Hat Enterprise Linux 8	`grafana-0:9.2.10-27.el8_10`	RHSA-2026:1344	2026-01-27T00:00:00Z
Red Hat Enterprise Linux 8	`grafana-pcp-0:5.1.1-11.el8_10`	RHSA-2026:1518	2026-01-28T00:00:00Z
Red Hat Enterprise Linux 8	`osbuild-composer-0:101.4-3.el8_10`	RHSA-2026:2124	2026-02-05T00:00:00Z
Red Hat Enterprise Linux 8	`git-lfs-0:3.4.1-7.el8_10`	RHSA-2026:2323	2026-02-09T00:00:00Z
Red Hat Enterprise Linux 8	`container-tools:rhel8-8100020260204142227.afee755d`	RHSA-2026:3428	2026-02-26T00:00:00Z
Red Hat Enterprise Linux 8	`rhc-1:0.2.5-4.el8_10`	RHSA-2026:4952	2026-03-18T00:00:00Z
Red Hat Enterprise Linux 8.2 Advanced Update Support	`go-toolset:rhel8-8020020260203092300.02f7cb7a`	RHSA-2026:2223	2026-02-09T00:00:00Z
Red Hat Enterprise Linux 8.2 Advanced Update Support	`grafana-0:6.3.6-10.el8_2`	RHSA-2026:3841	2026-03-05T00:00:00Z
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	`go-toolset:rhel8-8040020260205134630.5081a262`	RHSA-2026:2217	2026-02-09T00:00:00Z
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	`grafana-pcp-0:3.0.2-3.el8_4`	RHSA-2026:3815	2026-03-05T00:00:00Z
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	`grafana-0:7.3.6-12.el8_4`	RHSA-2026:3879	2026-03-05T00:00:00Z
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	`git-lfs-0:2.13.3-3.el8_4.4`	RHSA-2026:3973	2026-03-09T00:00:00Z
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	`rhc-1:0.2.0-5.el8_4`	RHSA-2026:5030	2026-03-19T00:00:00Z
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	`osbuild-composer-0:28.7-5.el8_4`	RHSA-2026:5461	2026-03-23T00:00:00Z
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	`go-toolset:rhel8-8040020260205134630.5081a262`	RHSA-2026:2217	2026-02-09T00:00:00Z
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	`grafana-pcp-0:3.0.2-3.el8_4`	RHSA-2026:3815	2026-03-05T00:00:00Z

Package state

Product	Package	State
Assisted Installer for Red Hat OpenShift Container Platform 2	`rhai/assisted-installer-agent-rhel9`	Affected
Assisted Installer for Red Hat OpenShift Container Platform 2	`rhai/assisted-installer-controller-rhel9`	Affected
Assisted Installer for Red Hat OpenShift Container Platform 2	`rhai/assisted-installer-rhel9`	Affected
Confidential Compute Attestation	`build-of-trustee/trustee-rhel9-operator`	Affected
Confidential Compute Attestation	`confidential-compute-attestation-tech-preview/trustee-rhel9-operator`	Affected
Confidential Compute Attestation	`openshift-sandboxed-containers/osc-monitor-rhel9`	Affected
Cryostat 4	`cryostat/cryostat-grafana-dashboard-rhel9`	Affected
Cryostat 4	`cryostat/cryostat-ose-oauth-proxy-rhel9`	Will not fix
Cryostat 4	`cryostat/cryostat-rhel9-operator`	Affected
Custom Metric Autoscaler operator for Red Hat Openshift	`custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9`	Not affected
Custom Metric Autoscaler operator for Red Hat Openshift	`custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9`	Not affected
Custom Metric Autoscaler operator for Red Hat Openshift	`custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9`	Affected
Custom Metric Autoscaler operator for Red Hat Openshift	`custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator`	Not affected
Deployment Validation Operator	`dvo/deployment-validation-rhel8-operator`	Affected
ExternalDNS Operator	`edo/external-dns-rhel8`	Affected
ExternalDNS Operator	`edo/external-dns-rhel9`	Not affected
External Secrets Operator for Red Hat OpenShift	`external-secrets-operator/external-secrets-rhel9`	Not affected
external secrets operator for Red Hat OpenShift - Tech Preview	`external-secrets-operator/external-secrets-rhel9`	Not affected
Fence Agents Remediation Operator	`workload-availability/fence-agents-remediation-operator-bundle`	Not affected
Fence Agents Remediation Operator	`workload-availability/fence-agents-remediation-rhel8-operator`	Affected
File Integrity Operator	`compliance/openshift-compliance-operator-bundle`	Affected
File Integrity Operator	`compliance/openshift-file-integrity-operator-bundle`	Affected
File Integrity Operator	`compliance/openshift-file-integrity-rhel8-operator`	Affected
Gatekeeper 3	`gatekeeper/gatekeeper-rhel9-operator`	Will not fix
Kube Descheduler Operator	`kube-descheduler-operator/descheduler-rhel9`	Not affected
Kube Descheduler Operator	`kube-descheduler-operator/kube-descheduler-rhel9-operator`	Not affected
Logging Subsystem for Red Hat OpenShift	`openshift-logging/cluster-logging-rhel9-operator`	Will not fix
Logging Subsystem for Red Hat OpenShift	`openshift-logging/elasticsearch-proxy-rhel9`	Will not fix
Logging Subsystem for Red Hat OpenShift	`openshift-logging/elasticsearch-rhel9-operator`	Will not fix
Logging Subsystem for Red Hat OpenShift	`openshift-logging/eventrouter-rhel9`	Will not fix
Logging Subsystem for Red Hat OpenShift	`openshift-logging/log-file-metric-exporter-rhel9`	Will not fix
Logging Subsystem for Red Hat OpenShift	`openshift-logging/logging-loki-rhel9`	Will not fix
Logging Subsystem for Red Hat OpenShift	`openshift-logging/logging-view-plugin-rhel9`	Will not fix
Logging Subsystem for Red Hat OpenShift	`openshift-logging/loki-rhel9-operator`	Will not fix
Logging Subsystem for Red Hat OpenShift	`openshift-logging/lokistack-gateway-rhel9`	Will not fix
Logging Subsystem for Red Hat OpenShift	`openshift-logging/opa-openshift-rhel9`	Will not fix
Logging Subsystem for Red Hat OpenShift	`openshift-logging/eventrouter-rhel8`	Not affected
Logical Volume Manager Storage	`lvms4/lvms-must-gather-rhel8`	Not affected
Logical Volume Manager Storage	`lvms4/lvms-must-gather-rhel9`	Not affected
Logical Volume Manager Storage	`lvms4/lvms-operator-bundle`	Not affected
Logical Volume Manager Storage	`lvms4/lvms-rhel9-operator`	Not affected
Logical Volume Manager Storage	`lvms4/topolvm-rhel8`	Not affected
Logical Volume Manager Storage	`lvms4/topolvm-rhel9`	Affected
Machine Deletion Remediation Operator	`workload-availability/machine-deletion-remediation-operator-bundle`	Not affected
Machine Deletion Remediation Operator	`workload-availability/machine-deletion-remediation-rhel8-operator`	Not affected
Migration Toolkit for Applications 7	`mta/mta-analyzer-addon-rhel9`	Affected
Migration Toolkit for Applications 7	`mta/mta-cli-rhel9`	Affected
Migration Toolkit for Applications 7	`mta/mta-discovery-addon-rhel9`	Affected
Migration Toolkit for Applications 7	`mta/mta-dotnet-external-provider-rhel8`	Affected
Migration Toolkit for Applications 7	`mta/mta-dotnet-external-provider-rhel9`	Affected
Migration Toolkit for Applications 7	`mta/mta-generic-external-provider-rhel9`	Affected
Migration Toolkit for Applications 7	`mta/mta-hub-rhel9`	Affected
Migration Toolkit for Applications 7	`mta/mta-java-external-provider-rhel9`	Affected
Migration Toolkit for Applications 8	`mta/mta-analyzer-addon-rhel9`	Affected
Migration Toolkit for Applications 8	`mta/mta-cli-rhel9`	Affected
Migration Toolkit for Applications 8	`mta/mta-discovery-addon-rhel9`	Affected
Migration Toolkit for Applications 8	`mta/mta-dotnet-external-provider-rhel8`	Affected
Migration Toolkit for Applications 8	`mta/mta-dotnet-external-provider-rhel9`	Affected
Migration Toolkit for Applications 8	`mta/mta-generic-external-provider-rhel9`	Affected
Migration Toolkit for Applications 8	`mta/mta-hub-rhel9`	Affected

Apply commands

bash fix

Apply RHSA-2026:1845 for Cryostat 4 on RHEL 9

yum update -y cryostat/cryostat-grafana-dashboard-rhel9:4
# or:
dnf upgrade -y cryostat/cryostat-grafana-dashboard-rhel9:4

Affected

Vendor	Product	Version
redhat	Assisted Installer for Red Hat OpenShift Container Platform 2	`Affected`
redhat	Assisted Installer for Red Hat OpenShift Container Platform 2	`Affected`
redhat	Assisted Installer for Red Hat OpenShift Container Platform 2	`Affected`
redhat	Confidential Compute Attestation	`Affected`
redhat	Confidential Compute Attestation	`Affected`
redhat	Confidential Compute Attestation	`Affected`
redhat	Cryostat 4	`Affected`
redhat	Cryostat 4	`Affected`
redhat	Custom Metric Autoscaler operator for Red Hat Openshift	`Not affected`
redhat	Custom Metric Autoscaler operator for Red Hat Openshift	`Not affected`
redhat	Custom Metric Autoscaler operator for Red Hat Openshift	`Affected`
redhat	Custom Metric Autoscaler operator for Red Hat Openshift	`Not affected`
redhat	Deployment Validation Operator	`Affected`
redhat	ExternalDNS Operator	`Affected`
redhat	ExternalDNS Operator	`Not affected`
redhat	External Secrets Operator for Red Hat OpenShift	`Not affected`
redhat	external secrets operator for Red Hat OpenShift - Tech Preview	`Not affected`
redhat	Fence Agents Remediation Operator	`Not affected`
redhat	Fence Agents Remediation Operator	`Affected`
redhat	File Integrity Operator	`Affected`
redhat	File Integrity Operator	`Affected`
redhat	File Integrity Operator	`Affected`
redhat	Kube Descheduler Operator	`Not affected`
redhat	Kube Descheduler Operator	`Not affected`
redhat	Logging Subsystem for Red Hat OpenShift	`Not affected`
redhat	Logical Volume Manager Storage	`Not affected`
redhat	Logical Volume Manager Storage	`Not affected`
redhat	Logical Volume Manager Storage	`Not affected`
redhat	Logical Volume Manager Storage	`Not affected`
redhat	Logical Volume Manager Storage	`Not affected`

OS impact

OS	Version	Status	Fixed in
rocky	8	fixed
rhel	9	fixed
debian	bullseye	affected
debian	bookworm	affected
debian	forky	fixed	`1.25.6-1`
debian	sid	fixed	`1.25.6-1`
debian	trixie	affected
sles		affected
rocky	9	fixed

Package impact

Ecosystem	Package	Vulnerable	Fixed
Go	stdlib	`>=1.25.0,<1.25.5`	`1.24.11`

Application impact

Vendor	Product	Versions	Fixed
google	gcp

References

Verify integrity in audit chain (admin only). AS-IS.