{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright © Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "New Red Hat build of Cryostat 4.0.2 on RHEL 9 container images are now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The Cryostat 4 on RHEL 9 container images have been updated to fix several bugs.\n\nUsers of Cryostat 4 on RHEL 9 container images are advised to upgrade to these updated images, which contain backported patches to fix these bugs and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images.\n\nSecurity Fix(es):\n\n* cryostat: authentication bypass if Network Policies are disabled (CVE-2025-8415)\n* netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability (CVE-2025-55163)\n* form-data: Unsafe random function in form-data (CVE-2025-7783)\n\nYou can find images updated by this advisory in the Red Hat Container Catalog (see the References section).",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2025:14919",
        "url": "https://access.redhat.com/errata/RHSA-2025:14919"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2381959",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2381959"
      },
      {
        "category": "external",
        "summary": "2385773",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2385773"
      },
      {
        "category": "external",
        "summary": "2388252",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388252"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_14919.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat build of Cryostat 4.0.2: new RHEL 9 container image security update",
    "tracking": {
      "current_release_date": "2026-07-02T12:53:37+00:00",
      "generator": {
        "date": "2026-07-02T12:53:37+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "5.3.1"
        }
      },
      "id": "RHSA-2025:14919",
      "initial_release_date": "2025-09-03T02:15:18+00:00",
      "revision_history": [
        {
          "date": "2025-09-03T02:15:18+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-09-03T02:15:18+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-07-02T12:53:37+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Cryostat 4 on RHEL 9",
                "product": {
                  "name": "Cryostat 4 on RHEL 9",
                  "product_id": "9Base-Cryostat-4",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:cryostat:4::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Cryostat"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cryostat/cryostat-agent-init-rhel9@sha256:0e5ffd83db750fb85c1e6e268a6be392bf084558e9b07d29bb6b752b756f98e8_amd64",
                "product": {
                  "name": "cryostat/cryostat-agent-init-rhel9@sha256:0e5ffd83db750fb85c1e6e268a6be392bf084558e9b07d29bb6b752b756f98e8_amd64",
                  "product_id": "cryostat/cryostat-agent-init-rhel9@sha256:0e5ffd83db750fb85c1e6e268a6be392bf084558e9b07d29bb6b752b756f98e8_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cryostat-agent-init-rhel9@sha256:0e5ffd83db750fb85c1e6e268a6be392bf084558e9b07d29bb6b752b756f98e8?arch=amd64&repository_url=registry.redhat.io/cryostat/cryostat-agent-init-rhel9&tag=0.5.2-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cryostat/cryostat-db-rhel9@sha256:a598e40bbe2ce6243d1eb583dc57041c4ced8a4a5bcba2d0a4f9d8decc8bfb5e_amd64",
                "product": {
                  "name": "cryostat/cryostat-db-rhel9@sha256:a598e40bbe2ce6243d1eb583dc57041c4ced8a4a5bcba2d0a4f9d8decc8bfb5e_amd64",
                  "product_id": "cryostat/cryostat-db-rhel9@sha256:a598e40bbe2ce6243d1eb583dc57041c4ced8a4a5bcba2d0a4f9d8decc8bfb5e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cryostat-db-rhel9@sha256:a598e40bbe2ce6243d1eb583dc57041c4ced8a4a5bcba2d0a4f9d8decc8bfb5e?arch=amd64&repository_url=registry.redhat.io/cryostat/cryostat-db-rhel9&tag=4.0.2-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:1b2c837ef2ae61f187d4d3b7be3f9fb3a2f8910d99a5b7d02929edb993631cc9_amd64",
                "product": {
                  "name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:1b2c837ef2ae61f187d4d3b7be3f9fb3a2f8910d99a5b7d02929edb993631cc9_amd64",
                  "product_id": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:1b2c837ef2ae61f187d4d3b7be3f9fb3a2f8910d99a5b7d02929edb993631cc9_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cryostat-grafana-dashboard-rhel9@sha256:1b2c837ef2ae61f187d4d3b7be3f9fb3a2f8910d99a5b7d02929edb993631cc9?arch=amd64&repository_url=registry.redhat.io/cryostat/cryostat-grafana-dashboard-rhel9&tag=4.0.2-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:04c736cd3efff1a2d894bd7bfb2d982cc2de938aeb859ce01fe5c237275305a5_amd64",
                "product": {
                  "name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:04c736cd3efff1a2d894bd7bfb2d982cc2de938aeb859ce01fe5c237275305a5_amd64",
                  "product_id": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:04c736cd3efff1a2d894bd7bfb2d982cc2de938aeb859ce01fe5c237275305a5_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cryostat-openshift-console-plugin-rhel9@sha256:04c736cd3efff1a2d894bd7bfb2d982cc2de938aeb859ce01fe5c237275305a5?arch=amd64&repository_url=registry.redhat.io/cryostat/cryostat-openshift-console-plugin-rhel9&tag=4.0.2-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:a049c80f0fdbdd21ee6513c703b057aae78259e2077357b84a3faf01a002db1f_amd64",
                "product": {
                  "name": "cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:a049c80f0fdbdd21ee6513c703b057aae78259e2077357b84a3faf01a002db1f_amd64",
                  "product_id": "cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:a049c80f0fdbdd21ee6513c703b057aae78259e2077357b84a3faf01a002db1f_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cryostat-ose-oauth-proxy-rhel9@sha256:a049c80f0fdbdd21ee6513c703b057aae78259e2077357b84a3faf01a002db1f?arch=amd64&repository_url=registry.redhat.io/cryostat/cryostat-ose-oauth-proxy-rhel9&tag=4.0.2-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cryostat/cryostat-reports-rhel9@sha256:577db510c36a906d7583f9daec87f1df593167ecaac881573a9fb9511e7786c0_amd64",
                "product": {
                  "name": "cryostat/cryostat-reports-rhel9@sha256:577db510c36a906d7583f9daec87f1df593167ecaac881573a9fb9511e7786c0_amd64",
                  "product_id": "cryostat/cryostat-reports-rhel9@sha256:577db510c36a906d7583f9daec87f1df593167ecaac881573a9fb9511e7786c0_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cryostat-reports-rhel9@sha256:577db510c36a906d7583f9daec87f1df593167ecaac881573a9fb9511e7786c0?arch=amd64&repository_url=registry.redhat.io/cryostat/cryostat-reports-rhel9&tag=4.0.2-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cryostat/cryostat-rhel9@sha256:813522e91ba44510abfb6802cfbfe0dbdde1df678fb72c0954458d9485ff9469_amd64",
                "product": {
                  "name": "cryostat/cryostat-rhel9@sha256:813522e91ba44510abfb6802cfbfe0dbdde1df678fb72c0954458d9485ff9469_amd64",
                  "product_id": "cryostat/cryostat-rhel9@sha256:813522e91ba44510abfb6802cfbfe0dbdde1df678fb72c0954458d9485ff9469_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cryostat-rhel9@sha256:813522e91ba44510abfb6802cfbfe0dbdde1df678fb72c0954458d9485ff9469?arch=amd64&repository_url=registry.redhat.io/cryostat/cryostat-rhel9&tag=4.0.2-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cryostat/cryostat-operator-bundle@sha256:52f04cfb6bbc0a04ef61a1d061e45dc4a44e98fba9413961d69a6a97cf45e084_amd64",
                "product": {
                  "name": "cryostat/cryostat-operator-bundle@sha256:52f04cfb6bbc0a04ef61a1d061e45dc4a44e98fba9413961d69a6a97cf45e084_amd64",
                  "product_id": "cryostat/cryostat-operator-bundle@sha256:52f04cfb6bbc0a04ef61a1d061e45dc4a44e98fba9413961d69a6a97cf45e084_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cryostat-operator-bundle@sha256:52f04cfb6bbc0a04ef61a1d061e45dc4a44e98fba9413961d69a6a97cf45e084?arch=amd64&repository_url=registry.redhat.io/cryostat/cryostat-operator-bundle&tag=4.0.2-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cryostat/cryostat-rhel9-operator@sha256:a2b8104352ac48cf5a076e0a4ab48e435535913e1f0301ba69bc7c4ff1ea70c2_amd64",
                "product": {
                  "name": "cryostat/cryostat-rhel9-operator@sha256:a2b8104352ac48cf5a076e0a4ab48e435535913e1f0301ba69bc7c4ff1ea70c2_amd64",
                  "product_id": "cryostat/cryostat-rhel9-operator@sha256:a2b8104352ac48cf5a076e0a4ab48e435535913e1f0301ba69bc7c4ff1ea70c2_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cryostat-rhel9-operator@sha256:a2b8104352ac48cf5a076e0a4ab48e435535913e1f0301ba69bc7c4ff1ea70c2?arch=amd64&repository_url=registry.redhat.io/cryostat/cryostat-rhel9-operator&tag=4.0.2-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cryostat/cryostat-storage-rhel9@sha256:415e55fd5a49c4de08af32f2efa76de4f5bbeeb48e868de5f8cdb79d7c8ce526_amd64",
                "product": {
                  "name": "cryostat/cryostat-storage-rhel9@sha256:415e55fd5a49c4de08af32f2efa76de4f5bbeeb48e868de5f8cdb79d7c8ce526_amd64",
                  "product_id": "cryostat/cryostat-storage-rhel9@sha256:415e55fd5a49c4de08af32f2efa76de4f5bbeeb48e868de5f8cdb79d7c8ce526_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cryostat-storage-rhel9@sha256:415e55fd5a49c4de08af32f2efa76de4f5bbeeb48e868de5f8cdb79d7c8ce526?arch=amd64&repository_url=registry.redhat.io/cryostat/cryostat-storage-rhel9&tag=4.0.2-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cryostat/jfr-datasource-rhel9@sha256:36f0386024588220c316c6dcc442a709491d5d6adb217ae1dd8dd1aca7c6b94a_amd64",
                "product": {
                  "name": "cryostat/jfr-datasource-rhel9@sha256:36f0386024588220c316c6dcc442a709491d5d6adb217ae1dd8dd1aca7c6b94a_amd64",
                  "product_id": "cryostat/jfr-datasource-rhel9@sha256:36f0386024588220c316c6dcc442a709491d5d6adb217ae1dd8dd1aca7c6b94a_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/jfr-datasource-rhel9@sha256:36f0386024588220c316c6dcc442a709491d5d6adb217ae1dd8dd1aca7c6b94a?arch=amd64&repository_url=registry.redhat.io/cryostat/jfr-datasource-rhel9&tag=4.0.2-3"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cryostat/cryostat-agent-init-rhel9@sha256:d6d38a85fabf58e7dabcc9088f0c5271f1f03616e883175ad67081232fd08189_arm64",
                "product": {
                  "name": "cryostat/cryostat-agent-init-rhel9@sha256:d6d38a85fabf58e7dabcc9088f0c5271f1f03616e883175ad67081232fd08189_arm64",
                  "product_id": "cryostat/cryostat-agent-init-rhel9@sha256:d6d38a85fabf58e7dabcc9088f0c5271f1f03616e883175ad67081232fd08189_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cryostat-agent-init-rhel9@sha256:d6d38a85fabf58e7dabcc9088f0c5271f1f03616e883175ad67081232fd08189?arch=arm64&repository_url=registry.redhat.io/cryostat/cryostat-agent-init-rhel9&tag=0.5.2-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cryostat/cryostat-db-rhel9@sha256:98289ddd46c3b9e3ed22cb76f4f5372b28d84637f84e0e24fcfd75f1b6cdfc4c_arm64",
                "product": {
                  "name": "cryostat/cryostat-db-rhel9@sha256:98289ddd46c3b9e3ed22cb76f4f5372b28d84637f84e0e24fcfd75f1b6cdfc4c_arm64",
                  "product_id": "cryostat/cryostat-db-rhel9@sha256:98289ddd46c3b9e3ed22cb76f4f5372b28d84637f84e0e24fcfd75f1b6cdfc4c_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cryostat-db-rhel9@sha256:98289ddd46c3b9e3ed22cb76f4f5372b28d84637f84e0e24fcfd75f1b6cdfc4c?arch=arm64&repository_url=registry.redhat.io/cryostat/cryostat-db-rhel9&tag=4.0.2-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:7c1d1bee4b41222a89ccff05f96c718c230779cd123c33ce5150c1c6df69abe4_arm64",
                "product": {
                  "name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:7c1d1bee4b41222a89ccff05f96c718c230779cd123c33ce5150c1c6df69abe4_arm64",
                  "product_id": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:7c1d1bee4b41222a89ccff05f96c718c230779cd123c33ce5150c1c6df69abe4_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cryostat-grafana-dashboard-rhel9@sha256:7c1d1bee4b41222a89ccff05f96c718c230779cd123c33ce5150c1c6df69abe4?arch=arm64&repository_url=registry.redhat.io/cryostat/cryostat-grafana-dashboard-rhel9&tag=4.0.2-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:72e93e32df5c0af848dfae42aee3633069df0cbdaacfc4bb9c68b54a161c1bd9_arm64",
                "product": {
                  "name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:72e93e32df5c0af848dfae42aee3633069df0cbdaacfc4bb9c68b54a161c1bd9_arm64",
                  "product_id": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:72e93e32df5c0af848dfae42aee3633069df0cbdaacfc4bb9c68b54a161c1bd9_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cryostat-openshift-console-plugin-rhel9@sha256:72e93e32df5c0af848dfae42aee3633069df0cbdaacfc4bb9c68b54a161c1bd9?arch=arm64&repository_url=registry.redhat.io/cryostat/cryostat-openshift-console-plugin-rhel9&tag=4.0.2-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:de2537a6036e88a9eb3821851b1f8e3fcaa069d46f18e9a999848058c2923872_arm64",
                "product": {
                  "name": "cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:de2537a6036e88a9eb3821851b1f8e3fcaa069d46f18e9a999848058c2923872_arm64",
                  "product_id": "cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:de2537a6036e88a9eb3821851b1f8e3fcaa069d46f18e9a999848058c2923872_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cryostat-ose-oauth-proxy-rhel9@sha256:de2537a6036e88a9eb3821851b1f8e3fcaa069d46f18e9a999848058c2923872?arch=arm64&repository_url=registry.redhat.io/cryostat/cryostat-ose-oauth-proxy-rhel9&tag=4.0.2-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cryostat/cryostat-reports-rhel9@sha256:2eef8c97381bc0c8418be415384f2cef5b59bcc2f286fe65fc18873d8719c628_arm64",
                "product": {
                  "name": "cryostat/cryostat-reports-rhel9@sha256:2eef8c97381bc0c8418be415384f2cef5b59bcc2f286fe65fc18873d8719c628_arm64",
                  "product_id": "cryostat/cryostat-reports-rhel9@sha256:2eef8c97381bc0c8418be415384f2cef5b59bcc2f286fe65fc18873d8719c628_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cryostat-reports-rhel9@sha256:2eef8c97381bc0c8418be415384f2cef5b59bcc2f286fe65fc18873d8719c628?arch=arm64&repository_url=registry.redhat.io/cryostat/cryostat-reports-rhel9&tag=4.0.2-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cryostat/cryostat-rhel9@sha256:54fd86c9f83b0a690b5a2effd8bb1c1a91440c284f5c7c64a603bb62bb915e6f_arm64",
                "product": {
                  "name": "cryostat/cryostat-rhel9@sha256:54fd86c9f83b0a690b5a2effd8bb1c1a91440c284f5c7c64a603bb62bb915e6f_arm64",
                  "product_id": "cryostat/cryostat-rhel9@sha256:54fd86c9f83b0a690b5a2effd8bb1c1a91440c284f5c7c64a603bb62bb915e6f_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cryostat-rhel9@sha256:54fd86c9f83b0a690b5a2effd8bb1c1a91440c284f5c7c64a603bb62bb915e6f?arch=arm64&repository_url=registry.redhat.io/cryostat/cryostat-rhel9&tag=4.0.2-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cryostat/cryostat-operator-bundle@sha256:808f35402b5b20c395a26436d6a121fb8e81ff56fd6a60e8e84ad8e4f64d37d4_arm64",
                "product": {
                  "name": "cryostat/cryostat-operator-bundle@sha256:808f35402b5b20c395a26436d6a121fb8e81ff56fd6a60e8e84ad8e4f64d37d4_arm64",
                  "product_id": "cryostat/cryostat-operator-bundle@sha256:808f35402b5b20c395a26436d6a121fb8e81ff56fd6a60e8e84ad8e4f64d37d4_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cryostat-operator-bundle@sha256:808f35402b5b20c395a26436d6a121fb8e81ff56fd6a60e8e84ad8e4f64d37d4?arch=arm64&repository_url=registry.redhat.io/cryostat/cryostat-operator-bundle&tag=4.0.2-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cryostat/cryostat-rhel9-operator@sha256:a4dd6911c3fcd3b1fffcb24b54f798cfd1f1113020556685333d8c8e3857a9ca_arm64",
                "product": {
                  "name": "cryostat/cryostat-rhel9-operator@sha256:a4dd6911c3fcd3b1fffcb24b54f798cfd1f1113020556685333d8c8e3857a9ca_arm64",
                  "product_id": "cryostat/cryostat-rhel9-operator@sha256:a4dd6911c3fcd3b1fffcb24b54f798cfd1f1113020556685333d8c8e3857a9ca_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cryostat-rhel9-operator@sha256:a4dd6911c3fcd3b1fffcb24b54f798cfd1f1113020556685333d8c8e3857a9ca?arch=arm64&repository_url=registry.redhat.io/cryostat/cryostat-rhel9-operator&tag=4.0.2-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cryostat/cryostat-storage-rhel9@sha256:0468feecc78f056ed30ab07ec3d8b53d0be37f4a00d49009ea6e3f9b20c9c509_arm64",
                "product": {
                  "name": "cryostat/cryostat-storage-rhel9@sha256:0468feecc78f056ed30ab07ec3d8b53d0be37f4a00d49009ea6e3f9b20c9c509_arm64",
                  "product_id": "cryostat/cryostat-storage-rhel9@sha256:0468feecc78f056ed30ab07ec3d8b53d0be37f4a00d49009ea6e3f9b20c9c509_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cryostat-storage-rhel9@sha256:0468feecc78f056ed30ab07ec3d8b53d0be37f4a00d49009ea6e3f9b20c9c509?arch=arm64&repository_url=registry.redhat.io/cryostat/cryostat-storage-rhel9&tag=4.0.2-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cryostat/jfr-datasource-rhel9@sha256:3c714df80db3d94b1e70cd81fd70b5f012f5e85b9cc974d8a56d0eb59174a823_arm64",
                "product": {
                  "name": "cryostat/jfr-datasource-rhel9@sha256:3c714df80db3d94b1e70cd81fd70b5f012f5e85b9cc974d8a56d0eb59174a823_arm64",
                  "product_id": "cryostat/jfr-datasource-rhel9@sha256:3c714df80db3d94b1e70cd81fd70b5f012f5e85b9cc974d8a56d0eb59174a823_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/jfr-datasource-rhel9@sha256:3c714df80db3d94b1e70cd81fd70b5f012f5e85b9cc974d8a56d0eb59174a823?arch=arm64&repository_url=registry.redhat.io/cryostat/jfr-datasource-rhel9&tag=4.0.2-3"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "arm64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cryostat/cryostat-agent-init-rhel9@sha256:0e5ffd83db750fb85c1e6e268a6be392bf084558e9b07d29bb6b752b756f98e8_amd64 as a component of Cryostat 4 on RHEL 9",
          "product_id": "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:0e5ffd83db750fb85c1e6e268a6be392bf084558e9b07d29bb6b752b756f98e8_amd64"
        },
        "product_reference": "cryostat/cryostat-agent-init-rhel9@sha256:0e5ffd83db750fb85c1e6e268a6be392bf084558e9b07d29bb6b752b756f98e8_amd64",
        "relates_to_product_reference": "9Base-Cryostat-4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cryostat/cryostat-agent-init-rhel9@sha256:d6d38a85fabf58e7dabcc9088f0c5271f1f03616e883175ad67081232fd08189_arm64 as a component of Cryostat 4 on RHEL 9",
          "product_id": "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:d6d38a85fabf58e7dabcc9088f0c5271f1f03616e883175ad67081232fd08189_arm64"
        },
        "product_reference": "cryostat/cryostat-agent-init-rhel9@sha256:d6d38a85fabf58e7dabcc9088f0c5271f1f03616e883175ad67081232fd08189_arm64",
        "relates_to_product_reference": "9Base-Cryostat-4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cryostat/cryostat-db-rhel9@sha256:98289ddd46c3b9e3ed22cb76f4f5372b28d84637f84e0e24fcfd75f1b6cdfc4c_arm64 as a component of Cryostat 4 on RHEL 9",
          "product_id": "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:98289ddd46c3b9e3ed22cb76f4f5372b28d84637f84e0e24fcfd75f1b6cdfc4c_arm64"
        },
        "product_reference": "cryostat/cryostat-db-rhel9@sha256:98289ddd46c3b9e3ed22cb76f4f5372b28d84637f84e0e24fcfd75f1b6cdfc4c_arm64",
        "relates_to_product_reference": "9Base-Cryostat-4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cryostat/cryostat-db-rhel9@sha256:a598e40bbe2ce6243d1eb583dc57041c4ced8a4a5bcba2d0a4f9d8decc8bfb5e_amd64 as a component of Cryostat 4 on RHEL 9",
          "product_id": "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:a598e40bbe2ce6243d1eb583dc57041c4ced8a4a5bcba2d0a4f9d8decc8bfb5e_amd64"
        },
        "product_reference": "cryostat/cryostat-db-rhel9@sha256:a598e40bbe2ce6243d1eb583dc57041c4ced8a4a5bcba2d0a4f9d8decc8bfb5e_amd64",
        "relates_to_product_reference": "9Base-Cryostat-4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:1b2c837ef2ae61f187d4d3b7be3f9fb3a2f8910d99a5b7d02929edb993631cc9_amd64 as a component of Cryostat 4 on RHEL 9",
          "product_id": "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:1b2c837ef2ae61f187d4d3b7be3f9fb3a2f8910d99a5b7d02929edb993631cc9_amd64"
        },
        "product_reference": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:1b2c837ef2ae61f187d4d3b7be3f9fb3a2f8910d99a5b7d02929edb993631cc9_amd64",
        "relates_to_product_reference": "9Base-Cryostat-4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:7c1d1bee4b41222a89ccff05f96c718c230779cd123c33ce5150c1c6df69abe4_arm64 as a component of Cryostat 4 on RHEL 9",
          "product_id": "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:7c1d1bee4b41222a89ccff05f96c718c230779cd123c33ce5150c1c6df69abe4_arm64"
        },
        "product_reference": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:7c1d1bee4b41222a89ccff05f96c718c230779cd123c33ce5150c1c6df69abe4_arm64",
        "relates_to_product_reference": "9Base-Cryostat-4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:04c736cd3efff1a2d894bd7bfb2d982cc2de938aeb859ce01fe5c237275305a5_amd64 as a component of Cryostat 4 on RHEL 9",
          "product_id": "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:04c736cd3efff1a2d894bd7bfb2d982cc2de938aeb859ce01fe5c237275305a5_amd64"
        },
        "product_reference": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:04c736cd3efff1a2d894bd7bfb2d982cc2de938aeb859ce01fe5c237275305a5_amd64",
        "relates_to_product_reference": "9Base-Cryostat-4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:72e93e32df5c0af848dfae42aee3633069df0cbdaacfc4bb9c68b54a161c1bd9_arm64 as a component of Cryostat 4 on RHEL 9",
          "product_id": "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:72e93e32df5c0af848dfae42aee3633069df0cbdaacfc4bb9c68b54a161c1bd9_arm64"
        },
        "product_reference": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:72e93e32df5c0af848dfae42aee3633069df0cbdaacfc4bb9c68b54a161c1bd9_arm64",
        "relates_to_product_reference": "9Base-Cryostat-4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cryostat/cryostat-operator-bundle@sha256:52f04cfb6bbc0a04ef61a1d061e45dc4a44e98fba9413961d69a6a97cf45e084_amd64 as a component of Cryostat 4 on RHEL 9",
          "product_id": "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:52f04cfb6bbc0a04ef61a1d061e45dc4a44e98fba9413961d69a6a97cf45e084_amd64"
        },
        "product_reference": "cryostat/cryostat-operator-bundle@sha256:52f04cfb6bbc0a04ef61a1d061e45dc4a44e98fba9413961d69a6a97cf45e084_amd64",
        "relates_to_product_reference": "9Base-Cryostat-4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cryostat/cryostat-operator-bundle@sha256:808f35402b5b20c395a26436d6a121fb8e81ff56fd6a60e8e84ad8e4f64d37d4_arm64 as a component of Cryostat 4 on RHEL 9",
          "product_id": "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:808f35402b5b20c395a26436d6a121fb8e81ff56fd6a60e8e84ad8e4f64d37d4_arm64"
        },
        "product_reference": "cryostat/cryostat-operator-bundle@sha256:808f35402b5b20c395a26436d6a121fb8e81ff56fd6a60e8e84ad8e4f64d37d4_arm64",
        "relates_to_product_reference": "9Base-Cryostat-4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:a049c80f0fdbdd21ee6513c703b057aae78259e2077357b84a3faf01a002db1f_amd64 as a component of Cryostat 4 on RHEL 9",
          "product_id": "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:a049c80f0fdbdd21ee6513c703b057aae78259e2077357b84a3faf01a002db1f_amd64"
        },
        "product_reference": "cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:a049c80f0fdbdd21ee6513c703b057aae78259e2077357b84a3faf01a002db1f_amd64",
        "relates_to_product_reference": "9Base-Cryostat-4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:de2537a6036e88a9eb3821851b1f8e3fcaa069d46f18e9a999848058c2923872_arm64 as a component of Cryostat 4 on RHEL 9",
          "product_id": "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:de2537a6036e88a9eb3821851b1f8e3fcaa069d46f18e9a999848058c2923872_arm64"
        },
        "product_reference": "cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:de2537a6036e88a9eb3821851b1f8e3fcaa069d46f18e9a999848058c2923872_arm64",
        "relates_to_product_reference": "9Base-Cryostat-4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cryostat/cryostat-reports-rhel9@sha256:2eef8c97381bc0c8418be415384f2cef5b59bcc2f286fe65fc18873d8719c628_arm64 as a component of Cryostat 4 on RHEL 9",
          "product_id": "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2eef8c97381bc0c8418be415384f2cef5b59bcc2f286fe65fc18873d8719c628_arm64"
        },
        "product_reference": "cryostat/cryostat-reports-rhel9@sha256:2eef8c97381bc0c8418be415384f2cef5b59bcc2f286fe65fc18873d8719c628_arm64",
        "relates_to_product_reference": "9Base-Cryostat-4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cryostat/cryostat-reports-rhel9@sha256:577db510c36a906d7583f9daec87f1df593167ecaac881573a9fb9511e7786c0_amd64 as a component of Cryostat 4 on RHEL 9",
          "product_id": "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:577db510c36a906d7583f9daec87f1df593167ecaac881573a9fb9511e7786c0_amd64"
        },
        "product_reference": "cryostat/cryostat-reports-rhel9@sha256:577db510c36a906d7583f9daec87f1df593167ecaac881573a9fb9511e7786c0_amd64",
        "relates_to_product_reference": "9Base-Cryostat-4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cryostat/cryostat-rhel9-operator@sha256:a2b8104352ac48cf5a076e0a4ab48e435535913e1f0301ba69bc7c4ff1ea70c2_amd64 as a component of Cryostat 4 on RHEL 9",
          "product_id": "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a2b8104352ac48cf5a076e0a4ab48e435535913e1f0301ba69bc7c4ff1ea70c2_amd64"
        },
        "product_reference": "cryostat/cryostat-rhel9-operator@sha256:a2b8104352ac48cf5a076e0a4ab48e435535913e1f0301ba69bc7c4ff1ea70c2_amd64",
        "relates_to_product_reference": "9Base-Cryostat-4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cryostat/cryostat-rhel9-operator@sha256:a4dd6911c3fcd3b1fffcb24b54f798cfd1f1113020556685333d8c8e3857a9ca_arm64 as a component of Cryostat 4 on RHEL 9",
          "product_id": "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a4dd6911c3fcd3b1fffcb24b54f798cfd1f1113020556685333d8c8e3857a9ca_arm64"
        },
        "product_reference": "cryostat/cryostat-rhel9-operator@sha256:a4dd6911c3fcd3b1fffcb24b54f798cfd1f1113020556685333d8c8e3857a9ca_arm64",
        "relates_to_product_reference": "9Base-Cryostat-4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cryostat/cryostat-rhel9@sha256:54fd86c9f83b0a690b5a2effd8bb1c1a91440c284f5c7c64a603bb62bb915e6f_arm64 as a component of Cryostat 4 on RHEL 9",
          "product_id": "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:54fd86c9f83b0a690b5a2effd8bb1c1a91440c284f5c7c64a603bb62bb915e6f_arm64"
        },
        "product_reference": "cryostat/cryostat-rhel9@sha256:54fd86c9f83b0a690b5a2effd8bb1c1a91440c284f5c7c64a603bb62bb915e6f_arm64",
        "relates_to_product_reference": "9Base-Cryostat-4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cryostat/cryostat-rhel9@sha256:813522e91ba44510abfb6802cfbfe0dbdde1df678fb72c0954458d9485ff9469_amd64 as a component of Cryostat 4 on RHEL 9",
          "product_id": "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:813522e91ba44510abfb6802cfbfe0dbdde1df678fb72c0954458d9485ff9469_amd64"
        },
        "product_reference": "cryostat/cryostat-rhel9@sha256:813522e91ba44510abfb6802cfbfe0dbdde1df678fb72c0954458d9485ff9469_amd64",
        "relates_to_product_reference": "9Base-Cryostat-4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cryostat/cryostat-storage-rhel9@sha256:0468feecc78f056ed30ab07ec3d8b53d0be37f4a00d49009ea6e3f9b20c9c509_arm64 as a component of Cryostat 4 on RHEL 9",
          "product_id": "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:0468feecc78f056ed30ab07ec3d8b53d0be37f4a00d49009ea6e3f9b20c9c509_arm64"
        },
        "product_reference": "cryostat/cryostat-storage-rhel9@sha256:0468feecc78f056ed30ab07ec3d8b53d0be37f4a00d49009ea6e3f9b20c9c509_arm64",
        "relates_to_product_reference": "9Base-Cryostat-4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cryostat/cryostat-storage-rhel9@sha256:415e55fd5a49c4de08af32f2efa76de4f5bbeeb48e868de5f8cdb79d7c8ce526_amd64 as a component of Cryostat 4 on RHEL 9",
          "product_id": "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:415e55fd5a49c4de08af32f2efa76de4f5bbeeb48e868de5f8cdb79d7c8ce526_amd64"
        },
        "product_reference": "cryostat/cryostat-storage-rhel9@sha256:415e55fd5a49c4de08af32f2efa76de4f5bbeeb48e868de5f8cdb79d7c8ce526_amd64",
        "relates_to_product_reference": "9Base-Cryostat-4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cryostat/jfr-datasource-rhel9@sha256:36f0386024588220c316c6dcc442a709491d5d6adb217ae1dd8dd1aca7c6b94a_amd64 as a component of Cryostat 4 on RHEL 9",
          "product_id": "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:36f0386024588220c316c6dcc442a709491d5d6adb217ae1dd8dd1aca7c6b94a_amd64"
        },
        "product_reference": "cryostat/jfr-datasource-rhel9@sha256:36f0386024588220c316c6dcc442a709491d5d6adb217ae1dd8dd1aca7c6b94a_amd64",
        "relates_to_product_reference": "9Base-Cryostat-4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cryostat/jfr-datasource-rhel9@sha256:3c714df80db3d94b1e70cd81fd70b5f012f5e85b9cc974d8a56d0eb59174a823_arm64 as a component of Cryostat 4 on RHEL 9",
          "product_id": "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:3c714df80db3d94b1e70cd81fd70b5f012f5e85b9cc974d8a56d0eb59174a823_arm64"
        },
        "product_reference": "cryostat/jfr-datasource-rhel9@sha256:3c714df80db3d94b1e70cd81fd70b5f012f5e85b9cc974d8a56d0eb59174a823_arm64",
        "relates_to_product_reference": "9Base-Cryostat-4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-7783",
      "cwe": {
        "id": "CWE-330",
        "name": "Use of Insufficiently Random Values"
      },
      "discovery_date": "2025-07-18T17:00:43.396637+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2381959"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability related to predictable random number generation has been discovered in the form-data JavaScript library. The library utilizes Math.random() to determine boundary values for multipart form-encoded data.\n\nThis presents a security risk if an attacker can observe other values generated by Math.random() within the target application and simultaneously control at least one field of a request made using form-data. Under these conditions, the attacker could potentially predict or determine the boundary values. This predictability could be leveraged to bypass security controls, manipulate form data, or potentially lead to data integrity issues or other forms of exploitation.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "form-data: Unsafe random function in form-data",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw does not affect host systems. The impact of this vulnerability is limited to specific applications which integrate the `form-data` library. As a result the impact of this CVE is limited on RedHat systems.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:0e5ffd83db750fb85c1e6e268a6be392bf084558e9b07d29bb6b752b756f98e8_amd64",
          "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:d6d38a85fabf58e7dabcc9088f0c5271f1f03616e883175ad67081232fd08189_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:98289ddd46c3b9e3ed22cb76f4f5372b28d84637f84e0e24fcfd75f1b6cdfc4c_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:a598e40bbe2ce6243d1eb583dc57041c4ced8a4a5bcba2d0a4f9d8decc8bfb5e_amd64",
          "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:1b2c837ef2ae61f187d4d3b7be3f9fb3a2f8910d99a5b7d02929edb993631cc9_amd64",
          "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:7c1d1bee4b41222a89ccff05f96c718c230779cd123c33ce5150c1c6df69abe4_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:04c736cd3efff1a2d894bd7bfb2d982cc2de938aeb859ce01fe5c237275305a5_amd64",
          "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:72e93e32df5c0af848dfae42aee3633069df0cbdaacfc4bb9c68b54a161c1bd9_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:52f04cfb6bbc0a04ef61a1d061e45dc4a44e98fba9413961d69a6a97cf45e084_amd64",
          "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:808f35402b5b20c395a26436d6a121fb8e81ff56fd6a60e8e84ad8e4f64d37d4_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:a049c80f0fdbdd21ee6513c703b057aae78259e2077357b84a3faf01a002db1f_amd64",
          "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:de2537a6036e88a9eb3821851b1f8e3fcaa069d46f18e9a999848058c2923872_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2eef8c97381bc0c8418be415384f2cef5b59bcc2f286fe65fc18873d8719c628_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:577db510c36a906d7583f9daec87f1df593167ecaac881573a9fb9511e7786c0_amd64",
          "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a2b8104352ac48cf5a076e0a4ab48e435535913e1f0301ba69bc7c4ff1ea70c2_amd64",
          "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a4dd6911c3fcd3b1fffcb24b54f798cfd1f1113020556685333d8c8e3857a9ca_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:54fd86c9f83b0a690b5a2effd8bb1c1a91440c284f5c7c64a603bb62bb915e6f_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:813522e91ba44510abfb6802cfbfe0dbdde1df678fb72c0954458d9485ff9469_amd64",
          "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:0468feecc78f056ed30ab07ec3d8b53d0be37f4a00d49009ea6e3f9b20c9c509_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:415e55fd5a49c4de08af32f2efa76de4f5bbeeb48e868de5f8cdb79d7c8ce526_amd64",
          "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:36f0386024588220c316c6dcc442a709491d5d6adb217ae1dd8dd1aca7c6b94a_amd64",
          "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:3c714df80db3d94b1e70cd81fd70b5f012f5e85b9cc974d8a56d0eb59174a823_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-7783"
        },
        {
          "category": "external",
          "summary": "RHBZ#2381959",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2381959"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-7783",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-7783",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7783"
        },
        {
          "category": "external",
          "summary": "https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0",
          "url": "https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0"
        },
        {
          "category": "external",
          "summary": "https://github.com/form-data/form-data/security/advisories/GHSA-fjxv-7rqg-78g4",
          "url": "https://github.com/form-data/form-data/security/advisories/GHSA-fjxv-7rqg-78g4"
        }
      ],
      "release_date": "2025-07-18T16:34:44.889000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-03T02:15:18+00:00",
          "details": "You can download the Cryostat 4 on RHEL 9 container images that this update provides from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available in the Red Hat Container Catalog (see the References section).\n\nDockerfiles and scripts should be amended to refer to this new image specifically or to the latest image generally.",
          "product_ids": [
            "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:0e5ffd83db750fb85c1e6e268a6be392bf084558e9b07d29bb6b752b756f98e8_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:d6d38a85fabf58e7dabcc9088f0c5271f1f03616e883175ad67081232fd08189_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:98289ddd46c3b9e3ed22cb76f4f5372b28d84637f84e0e24fcfd75f1b6cdfc4c_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:a598e40bbe2ce6243d1eb583dc57041c4ced8a4a5bcba2d0a4f9d8decc8bfb5e_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:1b2c837ef2ae61f187d4d3b7be3f9fb3a2f8910d99a5b7d02929edb993631cc9_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:7c1d1bee4b41222a89ccff05f96c718c230779cd123c33ce5150c1c6df69abe4_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:04c736cd3efff1a2d894bd7bfb2d982cc2de938aeb859ce01fe5c237275305a5_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:72e93e32df5c0af848dfae42aee3633069df0cbdaacfc4bb9c68b54a161c1bd9_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:52f04cfb6bbc0a04ef61a1d061e45dc4a44e98fba9413961d69a6a97cf45e084_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:808f35402b5b20c395a26436d6a121fb8e81ff56fd6a60e8e84ad8e4f64d37d4_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:a049c80f0fdbdd21ee6513c703b057aae78259e2077357b84a3faf01a002db1f_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:de2537a6036e88a9eb3821851b1f8e3fcaa069d46f18e9a999848058c2923872_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2eef8c97381bc0c8418be415384f2cef5b59bcc2f286fe65fc18873d8719c628_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:577db510c36a906d7583f9daec87f1df593167ecaac881573a9fb9511e7786c0_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a2b8104352ac48cf5a076e0a4ab48e435535913e1f0301ba69bc7c4ff1ea70c2_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a4dd6911c3fcd3b1fffcb24b54f798cfd1f1113020556685333d8c8e3857a9ca_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:54fd86c9f83b0a690b5a2effd8bb1c1a91440c284f5c7c64a603bb62bb915e6f_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:813522e91ba44510abfb6802cfbfe0dbdde1df678fb72c0954458d9485ff9469_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:0468feecc78f056ed30ab07ec3d8b53d0be37f4a00d49009ea6e3f9b20c9c509_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:415e55fd5a49c4de08af32f2efa76de4f5bbeeb48e868de5f8cdb79d7c8ce526_amd64",
            "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:36f0386024588220c316c6dcc442a709491d5d6adb217ae1dd8dd1aca7c6b94a_amd64",
            "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:3c714df80db3d94b1e70cd81fd70b5f012f5e85b9cc974d8a56d0eb59174a823_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:14919"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:0e5ffd83db750fb85c1e6e268a6be392bf084558e9b07d29bb6b752b756f98e8_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:d6d38a85fabf58e7dabcc9088f0c5271f1f03616e883175ad67081232fd08189_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:98289ddd46c3b9e3ed22cb76f4f5372b28d84637f84e0e24fcfd75f1b6cdfc4c_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:a598e40bbe2ce6243d1eb583dc57041c4ced8a4a5bcba2d0a4f9d8decc8bfb5e_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:1b2c837ef2ae61f187d4d3b7be3f9fb3a2f8910d99a5b7d02929edb993631cc9_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:7c1d1bee4b41222a89ccff05f96c718c230779cd123c33ce5150c1c6df69abe4_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:04c736cd3efff1a2d894bd7bfb2d982cc2de938aeb859ce01fe5c237275305a5_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:72e93e32df5c0af848dfae42aee3633069df0cbdaacfc4bb9c68b54a161c1bd9_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:52f04cfb6bbc0a04ef61a1d061e45dc4a44e98fba9413961d69a6a97cf45e084_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:808f35402b5b20c395a26436d6a121fb8e81ff56fd6a60e8e84ad8e4f64d37d4_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:a049c80f0fdbdd21ee6513c703b057aae78259e2077357b84a3faf01a002db1f_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:de2537a6036e88a9eb3821851b1f8e3fcaa069d46f18e9a999848058c2923872_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2eef8c97381bc0c8418be415384f2cef5b59bcc2f286fe65fc18873d8719c628_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:577db510c36a906d7583f9daec87f1df593167ecaac881573a9fb9511e7786c0_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a2b8104352ac48cf5a076e0a4ab48e435535913e1f0301ba69bc7c4ff1ea70c2_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a4dd6911c3fcd3b1fffcb24b54f798cfd1f1113020556685333d8c8e3857a9ca_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:54fd86c9f83b0a690b5a2effd8bb1c1a91440c284f5c7c64a603bb62bb915e6f_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:813522e91ba44510abfb6802cfbfe0dbdde1df678fb72c0954458d9485ff9469_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:0468feecc78f056ed30ab07ec3d8b53d0be37f4a00d49009ea6e3f9b20c9c509_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:415e55fd5a49c4de08af32f2efa76de4f5bbeeb48e868de5f8cdb79d7c8ce526_amd64",
            "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:36f0386024588220c316c6dcc442a709491d5d6adb217ae1dd8dd1aca7c6b94a_amd64",
            "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:3c714df80db3d94b1e70cd81fd70b5f012f5e85b9cc974d8a56d0eb59174a823_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:0e5ffd83db750fb85c1e6e268a6be392bf084558e9b07d29bb6b752b756f98e8_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:d6d38a85fabf58e7dabcc9088f0c5271f1f03616e883175ad67081232fd08189_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:98289ddd46c3b9e3ed22cb76f4f5372b28d84637f84e0e24fcfd75f1b6cdfc4c_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:a598e40bbe2ce6243d1eb583dc57041c4ced8a4a5bcba2d0a4f9d8decc8bfb5e_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:1b2c837ef2ae61f187d4d3b7be3f9fb3a2f8910d99a5b7d02929edb993631cc9_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:7c1d1bee4b41222a89ccff05f96c718c230779cd123c33ce5150c1c6df69abe4_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:04c736cd3efff1a2d894bd7bfb2d982cc2de938aeb859ce01fe5c237275305a5_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:72e93e32df5c0af848dfae42aee3633069df0cbdaacfc4bb9c68b54a161c1bd9_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:52f04cfb6bbc0a04ef61a1d061e45dc4a44e98fba9413961d69a6a97cf45e084_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:808f35402b5b20c395a26436d6a121fb8e81ff56fd6a60e8e84ad8e4f64d37d4_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:a049c80f0fdbdd21ee6513c703b057aae78259e2077357b84a3faf01a002db1f_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:de2537a6036e88a9eb3821851b1f8e3fcaa069d46f18e9a999848058c2923872_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2eef8c97381bc0c8418be415384f2cef5b59bcc2f286fe65fc18873d8719c628_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:577db510c36a906d7583f9daec87f1df593167ecaac881573a9fb9511e7786c0_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a2b8104352ac48cf5a076e0a4ab48e435535913e1f0301ba69bc7c4ff1ea70c2_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a4dd6911c3fcd3b1fffcb24b54f798cfd1f1113020556685333d8c8e3857a9ca_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:54fd86c9f83b0a690b5a2effd8bb1c1a91440c284f5c7c64a603bb62bb915e6f_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:813522e91ba44510abfb6802cfbfe0dbdde1df678fb72c0954458d9485ff9469_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:0468feecc78f056ed30ab07ec3d8b53d0be37f4a00d49009ea6e3f9b20c9c509_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:415e55fd5a49c4de08af32f2efa76de4f5bbeeb48e868de5f8cdb79d7c8ce526_amd64",
            "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:36f0386024588220c316c6dcc442a709491d5d6adb217ae1dd8dd1aca7c6b94a_amd64",
            "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:3c714df80db3d94b1e70cd81fd70b5f012f5e85b9cc974d8a56d0eb59174a823_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "form-data: Unsafe random function in form-data"
    },
    {
      "cve": "CVE-2025-8415",
      "cwe": {
        "id": "CWE-289",
        "name": "Authentication Bypass by Alternate Name"
      },
      "discovery_date": "2025-07-31T13:30:18.157000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2385773"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the Cryostat HTTP API. Cryostat's HTTP API binds to all network interfaces, allowing possible external visibility and access to the API port if Network Policies are disabled, allowing an unauthenticated, malicious attacker to jeopardize the environment.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "cryostat: authentication bypass if Network Policies are disabled",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:0e5ffd83db750fb85c1e6e268a6be392bf084558e9b07d29bb6b752b756f98e8_amd64",
          "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:d6d38a85fabf58e7dabcc9088f0c5271f1f03616e883175ad67081232fd08189_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:98289ddd46c3b9e3ed22cb76f4f5372b28d84637f84e0e24fcfd75f1b6cdfc4c_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:a598e40bbe2ce6243d1eb583dc57041c4ced8a4a5bcba2d0a4f9d8decc8bfb5e_amd64",
          "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:1b2c837ef2ae61f187d4d3b7be3f9fb3a2f8910d99a5b7d02929edb993631cc9_amd64",
          "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:7c1d1bee4b41222a89ccff05f96c718c230779cd123c33ce5150c1c6df69abe4_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:04c736cd3efff1a2d894bd7bfb2d982cc2de938aeb859ce01fe5c237275305a5_amd64",
          "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:72e93e32df5c0af848dfae42aee3633069df0cbdaacfc4bb9c68b54a161c1bd9_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:52f04cfb6bbc0a04ef61a1d061e45dc4a44e98fba9413961d69a6a97cf45e084_amd64",
          "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:808f35402b5b20c395a26436d6a121fb8e81ff56fd6a60e8e84ad8e4f64d37d4_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:a049c80f0fdbdd21ee6513c703b057aae78259e2077357b84a3faf01a002db1f_amd64",
          "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:de2537a6036e88a9eb3821851b1f8e3fcaa069d46f18e9a999848058c2923872_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2eef8c97381bc0c8418be415384f2cef5b59bcc2f286fe65fc18873d8719c628_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:577db510c36a906d7583f9daec87f1df593167ecaac881573a9fb9511e7786c0_amd64",
          "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a2b8104352ac48cf5a076e0a4ab48e435535913e1f0301ba69bc7c4ff1ea70c2_amd64",
          "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a4dd6911c3fcd3b1fffcb24b54f798cfd1f1113020556685333d8c8e3857a9ca_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:54fd86c9f83b0a690b5a2effd8bb1c1a91440c284f5c7c64a603bb62bb915e6f_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:813522e91ba44510abfb6802cfbfe0dbdde1df678fb72c0954458d9485ff9469_amd64",
          "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:0468feecc78f056ed30ab07ec3d8b53d0be37f4a00d49009ea6e3f9b20c9c509_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:415e55fd5a49c4de08af32f2efa76de4f5bbeeb48e868de5f8cdb79d7c8ce526_amd64",
          "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:36f0386024588220c316c6dcc442a709491d5d6adb217ae1dd8dd1aca7c6b94a_amd64",
          "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:3c714df80db3d94b1e70cd81fd70b5f012f5e85b9cc974d8a56d0eb59174a823_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-8415"
        },
        {
          "category": "external",
          "summary": "RHBZ#2385773",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2385773"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-8415",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-8415"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-8415",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8415"
        },
        {
          "category": "external",
          "summary": "https://github.com/cryostatio/cryostat/pull/1001",
          "url": "https://github.com/cryostatio/cryostat/pull/1001"
        },
        {
          "category": "external",
          "summary": "https://github.com/cryostatio/cryostat/releases/tag/v4.0.2",
          "url": "https://github.com/cryostatio/cryostat/releases/tag/v4.0.2"
        }
      ],
      "release_date": "2025-08-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-03T02:15:18+00:00",
          "details": "You can download the Cryostat 4 on RHEL 9 container images that this update provides from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available in the Red Hat Container Catalog (see the References section).\n\nDockerfiles and scripts should be amended to refer to this new image specifically or to the latest image generally.",
          "product_ids": [
            "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:0e5ffd83db750fb85c1e6e268a6be392bf084558e9b07d29bb6b752b756f98e8_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:d6d38a85fabf58e7dabcc9088f0c5271f1f03616e883175ad67081232fd08189_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:98289ddd46c3b9e3ed22cb76f4f5372b28d84637f84e0e24fcfd75f1b6cdfc4c_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:a598e40bbe2ce6243d1eb583dc57041c4ced8a4a5bcba2d0a4f9d8decc8bfb5e_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:1b2c837ef2ae61f187d4d3b7be3f9fb3a2f8910d99a5b7d02929edb993631cc9_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:7c1d1bee4b41222a89ccff05f96c718c230779cd123c33ce5150c1c6df69abe4_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:04c736cd3efff1a2d894bd7bfb2d982cc2de938aeb859ce01fe5c237275305a5_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:72e93e32df5c0af848dfae42aee3633069df0cbdaacfc4bb9c68b54a161c1bd9_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:52f04cfb6bbc0a04ef61a1d061e45dc4a44e98fba9413961d69a6a97cf45e084_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:808f35402b5b20c395a26436d6a121fb8e81ff56fd6a60e8e84ad8e4f64d37d4_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:a049c80f0fdbdd21ee6513c703b057aae78259e2077357b84a3faf01a002db1f_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:de2537a6036e88a9eb3821851b1f8e3fcaa069d46f18e9a999848058c2923872_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2eef8c97381bc0c8418be415384f2cef5b59bcc2f286fe65fc18873d8719c628_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:577db510c36a906d7583f9daec87f1df593167ecaac881573a9fb9511e7786c0_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a2b8104352ac48cf5a076e0a4ab48e435535913e1f0301ba69bc7c4ff1ea70c2_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a4dd6911c3fcd3b1fffcb24b54f798cfd1f1113020556685333d8c8e3857a9ca_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:54fd86c9f83b0a690b5a2effd8bb1c1a91440c284f5c7c64a603bb62bb915e6f_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:813522e91ba44510abfb6802cfbfe0dbdde1df678fb72c0954458d9485ff9469_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:0468feecc78f056ed30ab07ec3d8b53d0be37f4a00d49009ea6e3f9b20c9c509_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:415e55fd5a49c4de08af32f2efa76de4f5bbeeb48e868de5f8cdb79d7c8ce526_amd64",
            "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:36f0386024588220c316c6dcc442a709491d5d6adb217ae1dd8dd1aca7c6b94a_amd64",
            "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:3c714df80db3d94b1e70cd81fd70b5f012f5e85b9cc974d8a56d0eb59174a823_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:14919"
        },
        {
          "category": "workaround",
          "details": "Cryostat is not vulnerable by default, as Network Policy is enabled and prevents this behavior. Make sure the Network Policies are enabled in Custom Resources and that the underlying cluster network stack supports Network Policies.",
          "product_ids": [
            "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:0e5ffd83db750fb85c1e6e268a6be392bf084558e9b07d29bb6b752b756f98e8_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:d6d38a85fabf58e7dabcc9088f0c5271f1f03616e883175ad67081232fd08189_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:98289ddd46c3b9e3ed22cb76f4f5372b28d84637f84e0e24fcfd75f1b6cdfc4c_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:a598e40bbe2ce6243d1eb583dc57041c4ced8a4a5bcba2d0a4f9d8decc8bfb5e_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:1b2c837ef2ae61f187d4d3b7be3f9fb3a2f8910d99a5b7d02929edb993631cc9_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:7c1d1bee4b41222a89ccff05f96c718c230779cd123c33ce5150c1c6df69abe4_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:04c736cd3efff1a2d894bd7bfb2d982cc2de938aeb859ce01fe5c237275305a5_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:72e93e32df5c0af848dfae42aee3633069df0cbdaacfc4bb9c68b54a161c1bd9_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:52f04cfb6bbc0a04ef61a1d061e45dc4a44e98fba9413961d69a6a97cf45e084_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:808f35402b5b20c395a26436d6a121fb8e81ff56fd6a60e8e84ad8e4f64d37d4_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:a049c80f0fdbdd21ee6513c703b057aae78259e2077357b84a3faf01a002db1f_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:de2537a6036e88a9eb3821851b1f8e3fcaa069d46f18e9a999848058c2923872_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2eef8c97381bc0c8418be415384f2cef5b59bcc2f286fe65fc18873d8719c628_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:577db510c36a906d7583f9daec87f1df593167ecaac881573a9fb9511e7786c0_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a2b8104352ac48cf5a076e0a4ab48e435535913e1f0301ba69bc7c4ff1ea70c2_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a4dd6911c3fcd3b1fffcb24b54f798cfd1f1113020556685333d8c8e3857a9ca_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:54fd86c9f83b0a690b5a2effd8bb1c1a91440c284f5c7c64a603bb62bb915e6f_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:813522e91ba44510abfb6802cfbfe0dbdde1df678fb72c0954458d9485ff9469_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:0468feecc78f056ed30ab07ec3d8b53d0be37f4a00d49009ea6e3f9b20c9c509_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:415e55fd5a49c4de08af32f2efa76de4f5bbeeb48e868de5f8cdb79d7c8ce526_amd64",
            "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:36f0386024588220c316c6dcc442a709491d5d6adb217ae1dd8dd1aca7c6b94a_amd64",
            "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:3c714df80db3d94b1e70cd81fd70b5f012f5e85b9cc974d8a56d0eb59174a823_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:0e5ffd83db750fb85c1e6e268a6be392bf084558e9b07d29bb6b752b756f98e8_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:d6d38a85fabf58e7dabcc9088f0c5271f1f03616e883175ad67081232fd08189_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:98289ddd46c3b9e3ed22cb76f4f5372b28d84637f84e0e24fcfd75f1b6cdfc4c_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:a598e40bbe2ce6243d1eb583dc57041c4ced8a4a5bcba2d0a4f9d8decc8bfb5e_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:1b2c837ef2ae61f187d4d3b7be3f9fb3a2f8910d99a5b7d02929edb993631cc9_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:7c1d1bee4b41222a89ccff05f96c718c230779cd123c33ce5150c1c6df69abe4_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:04c736cd3efff1a2d894bd7bfb2d982cc2de938aeb859ce01fe5c237275305a5_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:72e93e32df5c0af848dfae42aee3633069df0cbdaacfc4bb9c68b54a161c1bd9_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:52f04cfb6bbc0a04ef61a1d061e45dc4a44e98fba9413961d69a6a97cf45e084_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:808f35402b5b20c395a26436d6a121fb8e81ff56fd6a60e8e84ad8e4f64d37d4_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:a049c80f0fdbdd21ee6513c703b057aae78259e2077357b84a3faf01a002db1f_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:de2537a6036e88a9eb3821851b1f8e3fcaa069d46f18e9a999848058c2923872_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2eef8c97381bc0c8418be415384f2cef5b59bcc2f286fe65fc18873d8719c628_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:577db510c36a906d7583f9daec87f1df593167ecaac881573a9fb9511e7786c0_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a2b8104352ac48cf5a076e0a4ab48e435535913e1f0301ba69bc7c4ff1ea70c2_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a4dd6911c3fcd3b1fffcb24b54f798cfd1f1113020556685333d8c8e3857a9ca_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:54fd86c9f83b0a690b5a2effd8bb1c1a91440c284f5c7c64a603bb62bb915e6f_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:813522e91ba44510abfb6802cfbfe0dbdde1df678fb72c0954458d9485ff9469_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:0468feecc78f056ed30ab07ec3d8b53d0be37f4a00d49009ea6e3f9b20c9c509_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:415e55fd5a49c4de08af32f2efa76de4f5bbeeb48e868de5f8cdb79d7c8ce526_amd64",
            "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:36f0386024588220c316c6dcc442a709491d5d6adb217ae1dd8dd1aca7c6b94a_amd64",
            "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:3c714df80db3d94b1e70cd81fd70b5f012f5e85b9cc974d8a56d0eb59174a823_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "cryostat: authentication bypass if Network Policies are disabled"
    },
    {
      "cve": "CVE-2025-55163",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2025-08-13T15:01:55.372237+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2388252"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Netty where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the \"MadeYouReset\" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts. While not a protocol bug, this highlights a common implementation weakness that can be exploited to cause a denial of service (DoS).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated with an Important severity. It is simple to exploit because it does not require authentication and could result in a denial of service (DoS). While some DoS flaws are classified as Moderate, “MadeYouReset” is Important because of the limited barriers (no specialized tooling or advanced scripting) to exploitation, which directly impacts service availability. The vulnerability arises from an implementation weakness in HTTP/2 stream reset handling — malformed client requests can trigger server-side resets without incrementing abuse counters, allowing an attacker to bypass built-in request throttling and overhead limits. Since these resets consume CPU and memory resources and can be generated at scale over a single TCP/TLS connection, a remote attacker could exhaust server capacity quickly, impacting all legitimate clients.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:0e5ffd83db750fb85c1e6e268a6be392bf084558e9b07d29bb6b752b756f98e8_amd64",
          "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:d6d38a85fabf58e7dabcc9088f0c5271f1f03616e883175ad67081232fd08189_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:98289ddd46c3b9e3ed22cb76f4f5372b28d84637f84e0e24fcfd75f1b6cdfc4c_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:a598e40bbe2ce6243d1eb583dc57041c4ced8a4a5bcba2d0a4f9d8decc8bfb5e_amd64",
          "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:1b2c837ef2ae61f187d4d3b7be3f9fb3a2f8910d99a5b7d02929edb993631cc9_amd64",
          "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:7c1d1bee4b41222a89ccff05f96c718c230779cd123c33ce5150c1c6df69abe4_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:04c736cd3efff1a2d894bd7bfb2d982cc2de938aeb859ce01fe5c237275305a5_amd64",
          "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:72e93e32df5c0af848dfae42aee3633069df0cbdaacfc4bb9c68b54a161c1bd9_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:52f04cfb6bbc0a04ef61a1d061e45dc4a44e98fba9413961d69a6a97cf45e084_amd64",
          "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:808f35402b5b20c395a26436d6a121fb8e81ff56fd6a60e8e84ad8e4f64d37d4_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:a049c80f0fdbdd21ee6513c703b057aae78259e2077357b84a3faf01a002db1f_amd64",
          "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:de2537a6036e88a9eb3821851b1f8e3fcaa069d46f18e9a999848058c2923872_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2eef8c97381bc0c8418be415384f2cef5b59bcc2f286fe65fc18873d8719c628_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:577db510c36a906d7583f9daec87f1df593167ecaac881573a9fb9511e7786c0_amd64",
          "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a2b8104352ac48cf5a076e0a4ab48e435535913e1f0301ba69bc7c4ff1ea70c2_amd64",
          "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a4dd6911c3fcd3b1fffcb24b54f798cfd1f1113020556685333d8c8e3857a9ca_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:54fd86c9f83b0a690b5a2effd8bb1c1a91440c284f5c7c64a603bb62bb915e6f_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:813522e91ba44510abfb6802cfbfe0dbdde1df678fb72c0954458d9485ff9469_amd64",
          "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:0468feecc78f056ed30ab07ec3d8b53d0be37f4a00d49009ea6e3f9b20c9c509_arm64",
          "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:415e55fd5a49c4de08af32f2efa76de4f5bbeeb48e868de5f8cdb79d7c8ce526_amd64",
          "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:36f0386024588220c316c6dcc442a709491d5d6adb217ae1dd8dd1aca7c6b94a_amd64",
          "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:3c714df80db3d94b1e70cd81fd70b5f012f5e85b9cc974d8a56d0eb59174a823_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-55163"
        },
        {
          "category": "external",
          "summary": "RHBZ#2388252",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388252"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-55163",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-55163",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55163"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/security/advisories/GHSA-prj3-ccx8-p6x4",
          "url": "https://github.com/netty/netty/security/advisories/GHSA-prj3-ccx8-p6x4"
        },
        {
          "category": "external",
          "summary": "https://kb.cert.org/vuls/id/767506",
          "url": "https://kb.cert.org/vuls/id/767506"
        }
      ],
      "release_date": "2025-08-13T14:17:36.111000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-03T02:15:18+00:00",
          "details": "You can download the Cryostat 4 on RHEL 9 container images that this update provides from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available in the Red Hat Container Catalog (see the References section).\n\nDockerfiles and scripts should be amended to refer to this new image specifically or to the latest image generally.",
          "product_ids": [
            "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:0e5ffd83db750fb85c1e6e268a6be392bf084558e9b07d29bb6b752b756f98e8_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:d6d38a85fabf58e7dabcc9088f0c5271f1f03616e883175ad67081232fd08189_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:98289ddd46c3b9e3ed22cb76f4f5372b28d84637f84e0e24fcfd75f1b6cdfc4c_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:a598e40bbe2ce6243d1eb583dc57041c4ced8a4a5bcba2d0a4f9d8decc8bfb5e_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:1b2c837ef2ae61f187d4d3b7be3f9fb3a2f8910d99a5b7d02929edb993631cc9_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:7c1d1bee4b41222a89ccff05f96c718c230779cd123c33ce5150c1c6df69abe4_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:04c736cd3efff1a2d894bd7bfb2d982cc2de938aeb859ce01fe5c237275305a5_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:72e93e32df5c0af848dfae42aee3633069df0cbdaacfc4bb9c68b54a161c1bd9_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:52f04cfb6bbc0a04ef61a1d061e45dc4a44e98fba9413961d69a6a97cf45e084_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:808f35402b5b20c395a26436d6a121fb8e81ff56fd6a60e8e84ad8e4f64d37d4_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:a049c80f0fdbdd21ee6513c703b057aae78259e2077357b84a3faf01a002db1f_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:de2537a6036e88a9eb3821851b1f8e3fcaa069d46f18e9a999848058c2923872_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2eef8c97381bc0c8418be415384f2cef5b59bcc2f286fe65fc18873d8719c628_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:577db510c36a906d7583f9daec87f1df593167ecaac881573a9fb9511e7786c0_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a2b8104352ac48cf5a076e0a4ab48e435535913e1f0301ba69bc7c4ff1ea70c2_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a4dd6911c3fcd3b1fffcb24b54f798cfd1f1113020556685333d8c8e3857a9ca_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:54fd86c9f83b0a690b5a2effd8bb1c1a91440c284f5c7c64a603bb62bb915e6f_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:813522e91ba44510abfb6802cfbfe0dbdde1df678fb72c0954458d9485ff9469_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:0468feecc78f056ed30ab07ec3d8b53d0be37f4a00d49009ea6e3f9b20c9c509_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:415e55fd5a49c4de08af32f2efa76de4f5bbeeb48e868de5f8cdb79d7c8ce526_amd64",
            "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:36f0386024588220c316c6dcc442a709491d5d6adb217ae1dd8dd1aca7c6b94a_amd64",
            "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:3c714df80db3d94b1e70cd81fd70b5f012f5e85b9cc974d8a56d0eb59174a823_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:14919"
        },
        {
          "category": "workaround",
          "details": "No mitigation is currently available that meets Red Hat Product Security’s standards for usability, deployment, applicability, or stability.",
          "product_ids": [
            "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:0e5ffd83db750fb85c1e6e268a6be392bf084558e9b07d29bb6b752b756f98e8_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:d6d38a85fabf58e7dabcc9088f0c5271f1f03616e883175ad67081232fd08189_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:98289ddd46c3b9e3ed22cb76f4f5372b28d84637f84e0e24fcfd75f1b6cdfc4c_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:a598e40bbe2ce6243d1eb583dc57041c4ced8a4a5bcba2d0a4f9d8decc8bfb5e_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:1b2c837ef2ae61f187d4d3b7be3f9fb3a2f8910d99a5b7d02929edb993631cc9_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:7c1d1bee4b41222a89ccff05f96c718c230779cd123c33ce5150c1c6df69abe4_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:04c736cd3efff1a2d894bd7bfb2d982cc2de938aeb859ce01fe5c237275305a5_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:72e93e32df5c0af848dfae42aee3633069df0cbdaacfc4bb9c68b54a161c1bd9_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:52f04cfb6bbc0a04ef61a1d061e45dc4a44e98fba9413961d69a6a97cf45e084_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:808f35402b5b20c395a26436d6a121fb8e81ff56fd6a60e8e84ad8e4f64d37d4_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:a049c80f0fdbdd21ee6513c703b057aae78259e2077357b84a3faf01a002db1f_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:de2537a6036e88a9eb3821851b1f8e3fcaa069d46f18e9a999848058c2923872_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2eef8c97381bc0c8418be415384f2cef5b59bcc2f286fe65fc18873d8719c628_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:577db510c36a906d7583f9daec87f1df593167ecaac881573a9fb9511e7786c0_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a2b8104352ac48cf5a076e0a4ab48e435535913e1f0301ba69bc7c4ff1ea70c2_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a4dd6911c3fcd3b1fffcb24b54f798cfd1f1113020556685333d8c8e3857a9ca_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:54fd86c9f83b0a690b5a2effd8bb1c1a91440c284f5c7c64a603bb62bb915e6f_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:813522e91ba44510abfb6802cfbfe0dbdde1df678fb72c0954458d9485ff9469_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:0468feecc78f056ed30ab07ec3d8b53d0be37f4a00d49009ea6e3f9b20c9c509_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:415e55fd5a49c4de08af32f2efa76de4f5bbeeb48e868de5f8cdb79d7c8ce526_amd64",
            "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:36f0386024588220c316c6dcc442a709491d5d6adb217ae1dd8dd1aca7c6b94a_amd64",
            "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:3c714df80db3d94b1e70cd81fd70b5f012f5e85b9cc974d8a56d0eb59174a823_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:0e5ffd83db750fb85c1e6e268a6be392bf084558e9b07d29bb6b752b756f98e8_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:d6d38a85fabf58e7dabcc9088f0c5271f1f03616e883175ad67081232fd08189_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:98289ddd46c3b9e3ed22cb76f4f5372b28d84637f84e0e24fcfd75f1b6cdfc4c_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:a598e40bbe2ce6243d1eb583dc57041c4ced8a4a5bcba2d0a4f9d8decc8bfb5e_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:1b2c837ef2ae61f187d4d3b7be3f9fb3a2f8910d99a5b7d02929edb993631cc9_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:7c1d1bee4b41222a89ccff05f96c718c230779cd123c33ce5150c1c6df69abe4_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:04c736cd3efff1a2d894bd7bfb2d982cc2de938aeb859ce01fe5c237275305a5_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:72e93e32df5c0af848dfae42aee3633069df0cbdaacfc4bb9c68b54a161c1bd9_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:52f04cfb6bbc0a04ef61a1d061e45dc4a44e98fba9413961d69a6a97cf45e084_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:808f35402b5b20c395a26436d6a121fb8e81ff56fd6a60e8e84ad8e4f64d37d4_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:a049c80f0fdbdd21ee6513c703b057aae78259e2077357b84a3faf01a002db1f_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:de2537a6036e88a9eb3821851b1f8e3fcaa069d46f18e9a999848058c2923872_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2eef8c97381bc0c8418be415384f2cef5b59bcc2f286fe65fc18873d8719c628_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:577db510c36a906d7583f9daec87f1df593167ecaac881573a9fb9511e7786c0_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a2b8104352ac48cf5a076e0a4ab48e435535913e1f0301ba69bc7c4ff1ea70c2_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a4dd6911c3fcd3b1fffcb24b54f798cfd1f1113020556685333d8c8e3857a9ca_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:54fd86c9f83b0a690b5a2effd8bb1c1a91440c284f5c7c64a603bb62bb915e6f_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:813522e91ba44510abfb6802cfbfe0dbdde1df678fb72c0954458d9485ff9469_amd64",
            "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:0468feecc78f056ed30ab07ec3d8b53d0be37f4a00d49009ea6e3f9b20c9c509_arm64",
            "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:415e55fd5a49c4de08af32f2efa76de4f5bbeeb48e868de5f8cdb79d7c8ce526_amd64",
            "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:36f0386024588220c316c6dcc442a709491d5d6adb217ae1dd8dd1aca7c6b94a_amd64",
            "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:3c714df80db3d94b1e70cd81fd70b5f012f5e85b9cc974d8a56d0eb59174a823_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability"
    }
  ]
}