Skip to content

Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to fb6fe3b [SECURITY]#1787

Open
red-hat-konflux[bot] wants to merge 1 commit into
release-1.9from
konflux/mintmaker/release-1.9/docker-registry.redhat.io-openshift4-ose-tools-rhel9-vulnerability
Open

Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to fb6fe3b [SECURITY]#1787
red-hat-konflux[bot] wants to merge 1 commit into
release-1.9from
konflux/mintmaker/release-1.9/docker-registry.redhat.io-openshift4-ose-tools-rhel9-vulnerability

Conversation

@red-hat-konflux

@red-hat-konflux red-hat-konflux Bot commented May 28, 2026

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Type Update Change
registry.redhat.io/openshift4/ose-tools-rhel9 stage digest 0d70224fb6fe3b

Warning

Some dependencies could not be looked up. Check the warning logs for more information.


immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution

CVE-2026-29063

More information

Details

A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).

Severity

Important

References


google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation

CVE-2026-33186

More information

Details

A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 :path pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed :path that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.

Severity

Important

References


github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

CVE-2026-34986

More information

Details

A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.

Severity

Important

References


Kubelet: CRI-O: kube-apiserver: Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code

CVE-2026-35469

More information

Details

A flaw was found in the SPDY streaming code used by Kubelet, CRI-O, and kube-apiserver. An attacker with specific cluster roles, such as those allowing access to pod port forwarding, execution, or attachment, or node proxying, could exploit this vulnerability. This could lead to a Denial of Service (DoS) by causing the affected components to become unresponsive.

Severity

Important

References


follow-redirects: follow-redirects: Information disclosure via cross-domain redirects

CVE-2026-40895

More information

Details

A flaw was found in follow-redirects. When an HTTP request follows a cross-domain redirect (a redirection to a different domain), custom authentication headers, such as X-API-Key or X-Auth-Token, are not properly stripped. This allows these sensitive headers to be forwarded verbatim to the redirect target, potentially leading to the unintended disclosure of authentication information to an untrusted third party.

Severity

Important

References


axios: Axios: Information disclosure of proxy credentials via HTTP redirects

CVE-2026-44486

More information

Details

A flaw was found in Axios, a promise-based HTTP client, specifically in its Node.js HTTP adapter. When Axios is configured to use an authenticated proxy and follows a redirect, it may inadvertently send the Proxy-Authorization header, containing proxy credentials, to the redirect target. This can lead to the disclosure of sensitive proxy credentials to an unintended remote server.

Severity

Important

References


axios: Axios: Information disclosure of proxy credentials via redirect flows

CVE-2026-44487

More information

Details

A flaw was found in Axios. During specific proxy-to-direct redirect flows in the Node.js HTTP adapter, a remote attacker could exploit this vulnerability. The Proxy-Authorization header, which contains proxy credentials and is intended only for the outbound proxy, may be forwarded to the final redirected origin. This can lead to the disclosure of sensitive proxy credentials to an unintended third party.

Severity

Important

References


axios: Axios: Denial of Service due to unenforced request and response size limits

CVE-2026-44488

More information

Details

A flaw was found in Axios, a promise-based HTTP client. When using the fetch adapter, Axios did not properly enforce configured request and response size limits. This vulnerability allows a remote attacker, through a malicious or compromised server, or by supplying a large data URL, to send or receive oversized data bodies. This can lead to resource exhaustion in server-side applications, resulting in a Denial of Service (DoS).

Severity

Important

References


axios: Axios: Proxy bypass via IPv4-mapped IPv6 address non-normalization

CVE-2026-44492

More information

Details

A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not properly normalize IPv4-mapped IPv6 addresses. When a NO_PROXY setting is configured to block direct access to specific IPv4 addresses, an attacker can bypass this restriction by using the IPv4-mapped IPv6 form of the address in a request URL. This allows the request to be routed through the proxy, potentially exposing internal services or sensitive information that should otherwise be inaccessible.

Severity

Important

References


axios: Axios: Information disclosure due to prototype pollution vulnerability

CVE-2026-44495

More information

Details

A flaw was found in Axios, a promise-based HTTP client. This vulnerability involves prototype pollution gadgets in the request configuration processing. If another vulnerability has already polluted the Object.prototype.transformResponse, affected Axios versions may incorrectly interpret this inherited value as part of the request configuration or as an option validator. Axios does not itself create the prototype pollution. Exploitability requires a separate prototype-pollution vulnerability or equivalent attacker control over Object.prototype before Axios creates a request.

Severity

Important

References


axios: Axios: Client-side Denial of Service via unescaped regex metacharacters in XSRF cookie name

CVE-2026-44496

More information

Details

A flaw was found in Axios. A remote attacker, by influencing the XSRF cookie name in a browser environment, could cause the application to construct a regular expression that leads to excessive processing. This can result in a client-side Denial of Service (DoS), where the affected browser tab may freeze, impacting the availability of the application for the user.

Severity

Important

References


openshift/router: openshift/router: mTLS client certificate spoofing via unstripped X-SSL-Client headers on HTTP frontend

CVE-2026-46579

More information

Details

A flaw was found in the OpenShift Router. When a Route has insecureEdgeTerminationPolicy set to Allow, the HTTP frontend does not remove X-SSL-Client-* headers from incoming requests. This allows an unauthenticated attacker to send plain HTTP requests with crafted X-SSL-Client-* headers. As a result, backends relying on these headers for mutual TLS (Transport Layer Security) authentication can be bypassed, enabling the attacker to impersonate client certificate identities.

Severity

Important

References


cmd/go: golang: Go (golang) and cmd/go: Arbitrary Code Execution via malicious SWIG file names

CVE-2026-27140

More information

Details

A flaw was found in the Go programming language (golang) and its command-line tool (cmd/go). A remote attacker could exploit this during the build process by crafting malicious SWIG (Simplified Wrapper and Interface Generator) file names that contain "cgo" and specific payloads. This could lead to code smuggling and arbitrary code execution, bypassing trust mechanisms and allowing the attacker to run unauthorized code.

Severity

Important

References


fast-uri: fast-uri: URI authority bypass due to improper delimiter handling

CVE-2026-6322

More information

Details

A flaw was found in fast-uri. A remote attacker could exploit this vulnerability by crafting a malicious Uniform Resource Identifier (URI) that contains percent-encoded authority delimiters. The fast-uri library incorrectly decodes these delimiters during normalization and then re-emits them as raw separators, which can change the URI's intended authority. This issue allows applications that perform host allowlist checks, redirect validation, or outbound request routing to be steered to a different authority than specified, potentially bypassing security controls.

Severity

Important

References


axios: Axios: Man-in-the-Middle (MITM) attack via Prototype Pollution

CVE-2026-44494

More information

Details

A flaw was found in Axios. This vulnerability, a Prototype Pollution "Gadget" attack, allows an attacker to escalate any existing Object.prototype pollution in an application's dependency tree into a full Man-in-the-Middle (MITM) attack. This enables the attacker to intercept, read, and modify all HTTP traffic, including sensitive authentication credentials. The flaw occurs because the config.proxy setting is susceptible to prototype pollution, allowing an attacker to inject a malicious proxy server.

Severity

Important

References


github.com/distribution/distribution: Distribution: Information disclosure via stale references after content deletion

CVE-2026-35172

More information

Details

A flaw was found in Distribution, a toolkit used for managing container content. When specific caching and deletion features are enabled, a remote attacker can exploit a vulnerability that allows previously deleted content to become readable again. This occurs because the system does not fully remove all references to the deleted data, leading to unauthorized information disclosure.

Severity

Important

References


xmldom: xmldom: Arbitrary XML markup injection

CVE-2026-41674

More information

Details

A flaw was found in xmldom and @​xmldom/xmldom, a JavaScript library for parsing and serializing XML. This vulnerability allows an attacker to inject arbitrary XML markup into a document due to improper handling of DocumentType node fields during serialization. By crafting malicious input, an attacker can cause the XML serializer to prematurely terminate the DOCTYPE declaration, enabling the insertion of unauthorized content. This could lead to information disclosure or, in certain configurations, the execution of arbitrary code.

Severity

Important

References


lodash: lodash: Arbitrary code execution via untrusted input in template imports

CVE-2026-4800

More information

Details

A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().

Severity

Important

References


net/url: Incorrect parsing of IPv6 host literals in net/url

CVE-2026-25679

More information

Details

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.

Severity

Important

References


golang: cmd/compile: possible memory corruption after bound check elimination

CVE-2026-27143

More information

Details

A flaw was found in the cmd/compile package in the Go standard library. The compiler fails to correctly check for integer overflow or underflow in arithmetic operations involving loop induction variables. As a result, the compiler allows invalid memory indexing to occur at runtime, potentially leading to memory corruption.

Severity

Important

References


golang: cmd/compile: no-op interface conversion bypasses overlap checking

CVE-2026-27144

More information

Details

A flaw was found in the cmd/compile package in the Go standard library. A no-op interface conversion prevented the compiler from correctly identifying non-overlapping memory moves. As a result, the compiler allows unsafe memory move operations to occur at runtime, potentially causing data corruption, memory corruption or unexpected application behavior.

Severity

Important

References


serialize-javascript: serialize-javascript: Denial of Service via specially crafted array-like object serialization

CVE-2026-34043

More information

Details

A flaw was found in serialize-javascript. An attacker can exploit this vulnerability by providing a specially crafted "array-like" object with an excessively large length property during the serialization process. This action causes the application to enter an intensive loop, leading to 100% CPU consumption and an indefinite hang. The primary consequence is a Denial of Service (DoS), making the affected system unresponsive.

Severity

Important

References


axios: Axios: Remote Code Execution via Prototype Pollution escalation

CVE-2026-40175

More information

Details

A flaw was found in Axios, a promise-based HTTP client. This vulnerability, known as Prototype Pollution, can be exploited through a specific "Gadget" attack chain. This allows an attacker to escalate a Prototype Pollution vulnerability in a third-party dependency, potentially leading to remote code execution or a full cloud compromise, such as bypassing AWS IMDSv2.

Severity

Important

References


shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators

CVE-2026-9277

More information

Details

A flaw was found in the shell-quote component. The quote() function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpret as a command separator. This could lead to command injection, enabling the attacker to execute arbitrary code on the system.

Severity

Important

References


protobufjs: protobufjs: Arbitrary code execution due to unsafe expression generation from crafted protobuf descriptors

CVE-2026-44293

More information

Details

A flaw was found in protobufjs, a library used to compile protobuf definitions into JavaScript functions. A remote attacker could exploit this vulnerability by providing a crafted descriptor that includes a non-string default value for a bytes field. This could lead to the generation of an unsafe expression within the toObject conversion function, ultimately allowing the attacker to execute arbitrary code.

Severity

Important

References


Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

To execute skipped test pipelines write comment /ok-to-test.


Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

@openshift-ci openshift-ci Bot requested review from otaviof and prietyc123 May 28, 2026 11:42
@openshift-ci

openshift-ci Bot commented May 28, 2026

Copy link
Copy Markdown

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: red-hat-konflux[bot]
Once this PR has been reviewed and has the lgtm label, please assign rhopp for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/release-1.9/docker-registry.redhat.io-openshift4-ose-tools-rhel9-vulnerability branch from 4513f34 to 8dde8b1 Compare June 2, 2026 11:02
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 5ca980e [security] chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 24fa100 [security] Jun 2, 2026
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/release-1.9/docker-registry.redhat.io-openshift4-ose-tools-rhel9-vulnerability branch from 8dde8b1 to 7687ee4 Compare June 15, 2026 19:01
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 24fa100 [security] chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 5a8304c [security] Jun 15, 2026
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/release-1.9/docker-registry.redhat.io-openshift4-ose-tools-rhel9-vulnerability branch from 7687ee4 to a7f1b78 Compare June 16, 2026 11:52
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 5a8304c [security] chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to fdee6b6 [security] Jun 16, 2026
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/release-1.9/docker-registry.redhat.io-openshift4-ose-tools-rhel9-vulnerability branch from a7f1b78 to c9e319b Compare June 23, 2026 12:47
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to fdee6b6 [security] chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 248cdd3 [security] Jun 23, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 248cdd3 [security] Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 248cdd3 [SECURITY] Jun 26, 2026
@red-hat-konflux red-hat-konflux Bot changed the title Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 248cdd3 [SECURITY] chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 248cdd3 [security] Jun 26, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 248cdd3 [security] Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 248cdd3 [SECURITY] Jun 26, 2026
@red-hat-konflux red-hat-konflux Bot changed the title Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 248cdd3 [SECURITY] chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 248cdd3 [security] Jun 27, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 248cdd3 [security] Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 248cdd3 [SECURITY] Jun 27, 2026
@red-hat-konflux red-hat-konflux Bot changed the title Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 248cdd3 [SECURITY] chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 248cdd3 [security] Jun 27, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 248cdd3 [security] Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 248cdd3 [SECURITY] Jun 27, 2026
@red-hat-konflux red-hat-konflux Bot changed the title Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 248cdd3 [SECURITY] chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 248cdd3 [security] Jun 27, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 248cdd3 [security] Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 248cdd3 [SECURITY] Jun 28, 2026
@red-hat-konflux red-hat-konflux Bot changed the title Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 248cdd3 [SECURITY] chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 248cdd3 [security] Jun 28, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 248cdd3 [security] Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 248cdd3 [SECURITY] Jun 28, 2026
@red-hat-konflux red-hat-konflux Bot changed the title Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 248cdd3 [SECURITY] chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 248cdd3 [security] Jun 28, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 248cdd3 [security] Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 248cdd3 [SECURITY] Jun 29, 2026
@red-hat-konflux red-hat-konflux Bot changed the title Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 248cdd3 [SECURITY] chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 248cdd3 [security] Jun 29, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 248cdd3 [security] Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 248cdd3 [SECURITY] Jun 29, 2026
@red-hat-konflux red-hat-konflux Bot changed the title Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 248cdd3 [SECURITY] chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 248cdd3 [security] Jun 30, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 248cdd3 [security] Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 248cdd3 [SECURITY] Jun 30, 2026
@red-hat-konflux red-hat-konflux Bot changed the title Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 248cdd3 [SECURITY] chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 248cdd3 [security] Jun 30, 2026
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/release-1.9/docker-registry.redhat.io-openshift4-ose-tools-rhel9-vulnerability branch from c9e319b to e58318c Compare June 30, 2026 17:23
@red-hat-konflux red-hat-konflux Bot changed the title Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 17d4647 [SECURITY] chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 17d4647 [security] Jul 1, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 17d4647 [security] Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 17d4647 [SECURITY] Jul 1, 2026
@red-hat-konflux red-hat-konflux Bot changed the title Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 17d4647 [SECURITY] chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 17d4647 [security] Jul 1, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 17d4647 [security] Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 17d4647 [SECURITY] Jul 2, 2026
@red-hat-konflux red-hat-konflux Bot changed the title Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 17d4647 [SECURITY] chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 17d4647 [security] Jul 2, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 17d4647 [security] Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 17d4647 [SECURITY] Jul 2, 2026
@red-hat-konflux red-hat-konflux Bot changed the title Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 17d4647 [SECURITY] chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 17d4647 [security] Jul 2, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 17d4647 [security] Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 17d4647 [SECURITY] Jul 3, 2026
@red-hat-konflux red-hat-konflux Bot changed the title Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 17d4647 [SECURITY] chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 17d4647 [security] Jul 3, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 17d4647 [security] Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 17d4647 [SECURITY] Jul 3, 2026
@red-hat-konflux red-hat-konflux Bot changed the title Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 17d4647 [SECURITY] chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 17d4647 [security] Jul 4, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 17d4647 [security] Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 17d4647 [SECURITY] Jul 4, 2026
@red-hat-konflux red-hat-konflux Bot changed the title Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 17d4647 [SECURITY] chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 17d4647 [security] Jul 4, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 17d4647 [security] Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 17d4647 [SECURITY] Jul 5, 2026
@red-hat-konflux red-hat-konflux Bot changed the title Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 17d4647 [SECURITY] chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 17d4647 [security] Jul 5, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 17d4647 [security] Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 17d4647 [SECURITY] Jul 5, 2026
@red-hat-konflux red-hat-konflux Bot changed the title Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 17d4647 [SECURITY] chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 17d4647 [security] Jul 6, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 17d4647 [security] Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 17d4647 [SECURITY] Jul 6, 2026
@red-hat-konflux red-hat-konflux Bot changed the title Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 17d4647 [SECURITY] chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 17d4647 [security] Jul 6, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 17d4647 [security] Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 17d4647 [SECURITY] Jul 6, 2026
@red-hat-konflux red-hat-konflux Bot changed the title Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 17d4647 [SECURITY] chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 17d4647 [security] Jul 7, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to 17d4647 [security] Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 17d4647 [SECURITY] Jul 7, 2026
… fb6fe3b [SECURITY]

Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/release-1.9/docker-registry.redhat.io-openshift4-ose-tools-rhel9-vulnerability branch from e58318c to 38bfde5 Compare July 7, 2026 13:44
@red-hat-konflux red-hat-konflux Bot changed the title Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to 17d4647 [SECURITY] Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to fb6fe3b [SECURITY] Jul 7, 2026
@sonarqubecloud

sonarqubecloud Bot commented Jul 7, 2026

Copy link
Copy Markdown

@red-hat-konflux red-hat-konflux Bot changed the title Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to fb6fe3b [SECURITY] chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to fb6fe3b [security] Jul 8, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to fb6fe3b [security] Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to fb6fe3b [SECURITY] Jul 8, 2026
@red-hat-konflux red-hat-konflux Bot changed the title Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to fb6fe3b [SECURITY] chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to fb6fe3b [security] Jul 8, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update registry.redhat.io/openshift4/ose-tools-rhel9 docker digest to fb6fe3b [security] Update registry.redhat.io/openshift4/ose-tools-rhel9 Docker digest to fb6fe3b [SECURITY] Jul 9, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants