Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2024-45296

Inefficient Regular Expression Complexity

Published: Sep 09, 2024 | Modified: Jan 24, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
5.3 MODERATE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Ubuntu
MEDIUM
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2024-45296
CWEhttps://cwe.mitre.org/data/definitions/1333.html

path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a DoS. The bad regular expression is generated any time you have two parameters within a single segment, separated by something that is not a period (.). For users of 0.1, upgrade to 0.1.10. All other users should upgrade to 8.0.0.

Weakness

The product uses a regular expression with an inefficient, possibly exponential worst-case computational complexity that consumes excessive CPU cycles.

Affected Software

Name Vendor Start Version End Version
Discovery 1 for RHEL 9 RedHat discovery/discovery-server-rhel9:1.12.0-1 *
Discovery 1 for RHEL 9 RedHat discovery/discovery-ui-rhel9:1.12.0-1 *
HawtIO 4.0.0 for Red Hat build of Apache Camel 4 RedHat path-to-regexp *
Multicluster engine for Kubernetes 2.6 for RHEL 8 RedHat multicluster-engine/assisted-image-service-rhel8:v2.6.4-4 *
Multicluster engine for Kubernetes 2.6 for RHEL 8 RedHat multicluster-engine/assisted-installer-agent-rhel8:v2.6.4-7 *
Multicluster engine for Kubernetes 2.6 for RHEL 8 RedHat multicluster-engine/assisted-installer-controller-rhel8:v2.6.4-6 *
Multicluster engine for Kubernetes 2.6 for RHEL 8 RedHat multicluster-engine/assisted-installer-rhel8:v2.6.4-7 *
Multicluster engine for Kubernetes 2.6 for RHEL 8 RedHat multicluster-engine/assisted-service-8-rhel8:v2.6.4-11 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/addon-manager-rhel9:v2.6.4-14 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/assisted-service-9-rhel9:v2.6.4-11 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/backplane-rhel9-operator:v2.6.4-21 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/cluster-api-provider-agent-rhel9:v2.6.4-6 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/cluster-api-provider-kubevirt-rhel9:v2.6.4-4 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/cluster-api-rhel9:v2.6.4-4 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/clusterclaims-controller-rhel9:v2.6.4-6 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/cluster-curator-controller-rhel9:v2.6.4-6 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/cluster-image-set-controller-rhel9:v2.6.4-6 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/clusterlifecycle-state-metrics-rhel9:v2.6.4-7 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/cluster-proxy-addon-rhel9:v2.6.4-6 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/cluster-proxy-rhel9:v2.6.4-5 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/console-mce-rhel9:v2.6.4-19 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/discovery-rhel9:v2.6.4-14 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/hive-rhel9:v2.6.4-6 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/hypershift-addon-rhel9-operator:v2.6.4-6 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/hypershift-cli-rhel9:v2.6.4-24 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/hypershift-rhel9-operator:v2.6.4-23 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/image-based-install-rhel9:v2.6.4-65 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/kube-rbac-proxy-mce-rhel9:v2.6.4-3 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/managedcluster-import-controller-rhel9:v2.6.4-8 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/managed-serviceaccount-rhel9:v2.6.4-14 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/mce-operator-bundle:v2.6.4-47 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/multicloud-manager-rhel9:v2.6.4-6 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/must-gather-rhel9:v2.6.4-18 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/placement-rhel9:v2.6.4-14 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/provider-credential-controller-rhel9:v2.6.4-6 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/registration-operator-rhel9:v2.6.4-14 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/registration-rhel9:v2.6.4-14 *
Multicluster engine for Kubernetes 2.6 for RHEL 9 RedHat multicluster-engine/work-rhel9:v2.6.4-14 *
Multicluster engine for Kubernetes 2.7 for RHEL 8 RedHat multicluster-engine/assisted-service-8-rhel8:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/addon-manager-rhel9:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/assisted-image-service-rhel9:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/assisted-installer-agent-rhel9:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/assisted-installer-controller-rhel9:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/assisted-installer-rhel9:v2.7.2-2 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/assisted-service-9-rhel9:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/backplane-rhel9-operator:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/cluster-api-provider-agent-rhel9:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/cluster-api-provider-kubevirt-rhel9:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/cluster-api-rhel9:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/clusterclaims-controller-rhel9:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/cluster-curator-controller-rhel9:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/cluster-image-set-controller-rhel9:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/clusterlifecycle-state-metrics-rhel9:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/cluster-proxy-addon-rhel9:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/cluster-proxy-rhel9:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/console-mce-rhel9:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/discovery-rhel9:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/hive-rhel9:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/hypershift-addon-rhel9-operator:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/hypershift-cli-rhel9:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/hypershift-rhel9-operator:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/image-based-install-rhel9:v2.7.2-3 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/kube-rbac-proxy-mce-rhel9:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/managedcluster-import-controller-rhel9:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/managed-serviceaccount-rhel9:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/mce-operator-bundle:v2.7.2-3 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/multicloud-manager-rhel9:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/must-gather-rhel9:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/placement-rhel9:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/provider-credential-controller-rhel9:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/registration-operator-rhel9:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/registration-rhel9:v2.7.2-1 *
Multicluster engine for Kubernetes 2.7 for RHEL 9 RedHat multicluster-engine/work-rhel9:v2.7.2-1 *
NETWORK-OBSERVABILITY-1.7.0-RHEL-9 RedHat network-observability/network-observability-cli-rhel9:v1.7.0-67 *
NETWORK-OBSERVABILITY-1.7.0-RHEL-9 RedHat network-observability/network-observability-console-plugin-rhel9:v1.7.0-67 *
NETWORK-OBSERVABILITY-1.7.0-RHEL-9 RedHat network-observability/network-observability-ebpf-agent-rhel9:v1.7.0-67 *
NETWORK-OBSERVABILITY-1.7.0-RHEL-9 RedHat network-observability/network-observability-flowlogs-pipeline-rhel9:v1.7.0-67 *
NETWORK-OBSERVABILITY-1.7.0-RHEL-9 RedHat network-observability/network-observability-operator-bundle:1.7.0-86 *
NETWORK-OBSERVABILITY-1.7.0-RHEL-9 RedHat network-observability/network-observability-rhel9-operator:v1.7.0-67 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/acm-cluster-permission-rhel9:v2.11.4-4 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/acm-governance-policy-addon-controller-rhel9:v2.11.4-12 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/acm-governance-policy-framework-addon-rhel9:v2.11.4-13 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/acm-grafana-rhel9:v2.11.4-4 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/acm-must-gather-rhel9:v2.11.4-12 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/acm-operator-bundle:v2.11.4-47 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/acm-prometheus-config-reloader-rhel9:v2.11.4-3 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/acm-prometheus-rhel9:v2.11.4-3 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/acm-search-indexer-rhel9:v2.11.4-10 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/acm-search-v2-api-rhel9:v2.11.4-12 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/acm-search-v2-rhel9:v2.11.4-11 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/acm-volsync-addon-controller-rhel9:v2.11.4-22 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/cert-policy-controller-rhel9:v2.11.4-12 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/cluster-backup-rhel9-operator:v2.11.4-25 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/config-policy-controller-rhel9:v2.11.4-15 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/console-rhel9:v2.11.4-17 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/endpoint-monitoring-rhel9-operator:v2.11.4-6 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/governance-policy-propagator-rhel9:v2.11.4-13 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/grafana-dashboard-loader-rhel9:v2.11.4-6 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/insights-client-rhel9:v2.11.4-10 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/insights-metrics-rhel9:v2.11.4-11 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/klusterlet-addon-controller-rhel9:v2.11.4-6 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/kube-rbac-proxy-rhel9:v2.11.4-3 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/kube-state-metrics-rhel9:v2.11.4-3 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/memcached-exporter-rhel9:v2.11.4-3 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/memcached-rhel9:v2.11.4-3 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/metrics-collector-rhel9:v2.11.4-6 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/multicloud-integrations-rhel9:v2.11.4-3 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/multiclusterhub-rhel9:v2.11.4-16 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/multicluster-observability-rhel9-operator:v2.11.4-6 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/multicluster-operators-application-rhel9:v2.11.4-3 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/multicluster-operators-channel-rhel9:v2.11.4-3 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/multicluster-operators-subscription-rhel9:v2.11.4-5 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/node-exporter-rhel9:v2.11.4-4 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/observatorium-rhel9:v2.11.4-5 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/observatorium-rhel9-operator:v2.11.4-6 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/prometheus-alertmanager-rhel9:v2.11.4-3 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/prometheus-rhel9:v2.11.4-3 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/rbac-query-proxy-rhel9:v2.11.4-6 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/search-collector-rhel9:v2.11.4-10 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/submariner-addon-rhel9:v2.11.4-17 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/thanos-receive-controller-rhel9:v2.11.4-3 *
Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9 RedHat rhacm2/thanos-rhel9:v2.11.4-5 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/acm-cli-rhel9:v2.12.1-4 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/acm-cluster-permission-rhel9:v2.12.1-2 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/acm-governance-policy-addon-controller-rhel9:v2.12.1-4 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/acm-governance-policy-framework-addon-rhel9:v2.12.1-4 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/acm-grafana-rhel9:v2.12.1-2 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/acm-multicluster-observability-addon-rhel9:v2.12.1-2 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/acm-must-gather-rhel9:v2.12.1-5 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/acm-operator-bundle:v2.12.1-10 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/acm-prometheus-config-reloader-rhel9:v2.12.1-2 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/acm-prometheus-rhel9:v2.12.1-2 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/acm-search-indexer-rhel9:v2.12.1-4 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/acm-search-v2-api-rhel9:v2.12.1-4 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/acm-search-v2-rhel9:v2.12.1-4 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/acm-siteconfig-rhel9:v2.12.1-2 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/acm-volsync-addon-controller-rhel9:v2.12.1-4 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/cert-policy-controller-rhel9:v2.12.1-4 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/cluster-backup-rhel9-operator:v2.12.1-4 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/config-policy-controller-rhel9:v2.12.1-4 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/console-rhel9:v2.12.1-8 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/endpoint-monitoring-rhel9-operator:v2.12.1-3 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/governance-policy-propagator-rhel9:v2.12.1-4 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/grafana-dashboard-loader-rhel9:v2.12.1-3 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/insights-client-rhel9:v2.12.1-2 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/insights-metrics-rhel9:v2.12.1-2 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/klusterlet-addon-controller-rhel9:v2.12.1-2 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/kube-rbac-proxy-rhel9:v2.12.1-2 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/kube-state-metrics-rhel9:v2.12.1-2 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/memcached-exporter-rhel9:v2.12.1-2 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/memcached-rhel9:v2.12.1-2 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/metrics-collector-rhel9:v2.12.1-3 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/multicloud-integrations-rhel9:v2.12.1-2 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/multiclusterhub-rhel9:v2.12.1-4 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/multicluster-observability-rhel9-operator:v2.12.1-3 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/multicluster-operators-application-rhel9:v2.12.1-2 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/multicluster-operators-channel-rhel9:v2.12.1-2 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/multicluster-operators-subscription-rhel9:v2.12.1-2 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/node-exporter-rhel9:v2.12.1-3 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/observatorium-rhel9:v2.12.1-2 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/observatorium-rhel9-operator:v2.12.1-2 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/prometheus-alertmanager-rhel9:v2.12.1-2 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/prometheus-rhel9:v2.12.1-2 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/rbac-query-proxy-rhel9:v2.12.1-3 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/search-collector-rhel9:v2.12.1-3 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/submariner-addon-rhel9:v2.12.1-5 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/thanos-receive-controller-rhel9:v2.12.1-2 *
Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9 RedHat rhacm2/thanos-rhel9:v2.12.1-2 *
Red Hat Ansible Automation Platform 2.4 for RHEL 8 RedHat automation-controller-0:4.5.13-1.el8ap *
Red Hat Ansible Automation Platform 2.4 for RHEL 9 RedHat automation-controller-0:4.5.13-1.el9ap *
Red Hat Migration Toolkit for Containers 1.8 RedHat rhmtc/openshift-migration-ui-rhel8:v1.8.5-7 *
Red Hat OpenShift Container Platform 4.16 RedHat openshift4/ose-monitoring-plugin-rhel9:v4.16.0-202410021704.p0.g6a049e3.assembly.stream.el9 *
Red Hat OpenShift Container Platform 4.17 RedHat openshift4/ose-monitoring-plugin-rhel9:v4.17.0-202410091535.p0.gc7bc7fc.assembly.stream.el9 *
Red Hat OpenShift Container Platform 4.17 RedHat openshift4/nmstate-console-plugin-rhel9:v4.17.0-202501301204.p0.gcffdc60.assembly.stream.el9 *
Red Hat OpenShift Dev Spaces 3 Containers RedHat devspaces/dashboard-rhel8:3.17-25 *
Red Hat OpenShift GitOps 1.13 RedHat openshift-gitops-1/argocd-rhel8:v1.13.2-4 *
Red Hat OpenShift GitOps 1.13 RedHat openshift-gitops-1/argo-rollouts-rhel8:v1.13.2-4 *
Red Hat OpenShift GitOps 1.13 RedHat openshift-gitops-1/console-plugin-rhel8:v1.13.2-4 *
Red Hat OpenShift GitOps 1.13 RedHat openshift-gitops-1/dex-rhel8:v1.13.2-4 *
Red Hat OpenShift GitOps 1.13 RedHat openshift-gitops-1/gitops-operator-bundle:v1.13.2-4 *
Red Hat OpenShift GitOps 1.13 RedHat openshift-gitops-1/gitops-rhel8:v1.13.2-4 *
Red Hat OpenShift GitOps 1.13 RedHat openshift-gitops-1/gitops-rhel8-operator:v1.13.2-4 *
Red Hat OpenShift GitOps 1.13 RedHat openshift-gitops-1/kam-delivery-rhel8:v1.13.2-4 *
Red Hat OpenShift GitOps 1.13 RedHat openshift-gitops-1/must-gather-rhel8:v1.13.2-4 *
Red Hat OpenShift GitOps 1.13 RedHat openshift-gitops-argocd-rhel9-container-v1.13.2-5 *
Red Hat OpenShift Service Mesh 2.6 for RHEL 8 RedHat openshift-service-mesh/grafana-rhel8:2.6.2-3 *
Red Hat OpenShift Service Mesh 2.6 for RHEL 8 RedHat openshift-service-mesh/istio-cni-rhel8:2.6.2-5 *
Red Hat OpenShift Service Mesh 2.6 for RHEL 8 RedHat openshift-service-mesh/istio-must-gather-rhel8:2.6.2-4 *
Red Hat OpenShift Service Mesh 2.6 for RHEL 8 RedHat openshift-service-mesh/istio-rhel8-operator:2.6.2-5 *
Red Hat OpenShift Service Mesh 2.6 for RHEL 8 RedHat openshift-service-mesh/kiali-ossmc-rhel8:1.89.2-3 *
Red Hat OpenShift Service Mesh 2.6 for RHEL 8 RedHat openshift-service-mesh/kiali-rhel8:1.89.4-3 *
Red Hat OpenShift Service Mesh 2.6 for RHEL 8 RedHat openshift-service-mesh/kiali-rhel8-operator:1.89.6-1 *
Red Hat OpenShift Service Mesh 2.6 for RHEL 8 RedHat openshift-service-mesh/pilot-rhel8:2.6.2-5 *
Red Hat OpenShift Service Mesh 2.6 for RHEL 8 RedHat openshift-service-mesh/ratelimit-rhel8:2.6.2-3 *
Red Hat OpenShift Service Mesh 2.6 for RHEL 9 RedHat openshift-service-mesh/proxyv2-rhel9:2.6.2-7 *
RHODF-4.14-RHEL-9 RedHat odf4/odf-console-rhel9:v4.14.13-3 *
RHODF-4.15-RHEL-9 RedHat odf4/odf-console-rhel9:v4.15.9-1 *
RHODF-4.16-RHEL-9 RedHat odf4/ocs-client-console-rhel9:v4.16.5-2 *
RHODF-4.16-RHEL-9 RedHat odf4/odf-console-rhel9:v4.16.5-2 *
RHODF-4.16-RHEL-9 RedHat odf4/odf-multicluster-console-rhel9:v4.16.5-2 *
RHODF-4.17-RHEL-9 RedHat odf4/mcg-core-rhel9:v4.17.0-69 *
RHODF-4.17-RHEL-9 RedHat odf4/ocs-client-console-rhel9:v4.17.0-53 *
RHODF-4.17-RHEL-9 RedHat odf4/odf-console-rhel9:v4.17.0-53 *
RHODF-4.17-RHEL-9 RedHat odf4/odf-multicluster-console-rhel9:v4.17.0-53 *
RHOL-5.9-RHEL-9 RedHat openshift-logging/cluster-logging-operator-bundle:v5.9.7-11 *
RHOL-5.9-RHEL-9 RedHat openshift-logging/cluster-logging-rhel9-operator:v5.9.7-6 *
RHOL-5.9-RHEL-9 RedHat openshift-logging/eventrouter-rhel9:v0.4.0-301 *
RHOL-5.9-RHEL-9 RedHat openshift-logging/fluentd-rhel9:v5.9.7-3 *
RHOL-5.9-RHEL-9 RedHat openshift-logging/log-file-metric-exporter-rhel9:v1.1.0-282 *
RHOL-5.9-RHEL-9 RedHat openshift-logging/logging-loki-rhel9:v3.1.1-10 *
RHOL-5.9-RHEL-9 RedHat openshift-logging/logging-view-plugin-rhel9:v5.9.7-5 *
RHOL-5.9-RHEL-9 RedHat openshift-logging/loki-operator-bundle:v5.9.7-16 *
RHOL-5.9-RHEL-9 RedHat openshift-logging/loki-rhel9-operator:v5.9.7-7 *
RHOL-5.9-RHEL-9 RedHat openshift-logging/lokistack-gateway-rhel9:v0.1.0-653 *
RHOL-5.9-RHEL-9 RedHat openshift-logging/opa-openshift-rhel9:v0.1.0-288 *
RHOL-5.9-RHEL-9 RedHat openshift-logging/vector-rhel9:v0.34.1-19 *
RHOSS-1.35-RHEL-8 RedHat openshift-serverless-1/logic-data-index-ephemeral-rhel8:1.35.0-5 *
RHOSS-1.35-RHEL-8 RedHat openshift-serverless-1/logic-data-index-postgresql-rhel8:1.35.0-5 *
RHOSS-1.35-RHEL-8 RedHat openshift-serverless-1/logic-jobs-service-ephemeral-rhel8:1.35.0-5 *
RHOSS-1.35-RHEL-8 RedHat openshift-serverless-1/logic-jobs-service-postgresql-rhel8:1.35.0-6 *
RHOSS-1.35-RHEL-8 RedHat openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8:1.35.0-2 *
RHOSS-1.35-RHEL-8 RedHat openshift-serverless-1/logic-management-console-rhel8:1.35.0-5 *
RHOSS-1.35-RHEL-8 RedHat openshift-serverless-1/logic-operator-bundle:1.35.0-5 *
RHOSS-1.35-RHEL-8 RedHat openshift-serverless-1/logic-rhel8-operator:1.35.0-6 *
RHOSS-1.35-RHEL-8 RedHat openshift-serverless-1/logic-swf-builder-rhel8:1.35.0-6 *
RHOSS-1.35-RHEL-8 RedHat openshift-serverless-1/logic-swf-devmode-rhel8:1.35.0-6 *
Red Hat OpenShift distributed tracing 3.4 RedHat registry.redhat.io/rhosdt/jaeger-query-rhel8:sha256:56784b527bf1fc1a2a0f24ea9b6edea3927746cbe1b18d9c653e0be621f07911 *
Red Hat OpenShift distributed tracing 3.4 RedHat registry.redhat.io/rhosdt/jaeger-query-rhel8:sha256:8d0e9eb0894de1289dfa9556cf9411874df3111f3e84471256de6b2d75ecd829 *
Red Hat Trusted Profile Analyzer 1.2 RedHat registry.redhat.io/rhtpa/rhtpa-trustification-service-rhel9:sha256:c1a20911cb6cc59707f517f6203c2f8cb26644ee25dd0ed967393c5f57194464 *
Red Hat Trusted Profile Analyzer 1.2 RedHat registry.redhat.io/rhtpa/rhtpa-guac-rhel9:sha256:6911d51ce44779ef1a5f3428486698d19779da9316d799e0968047f01cef37f7 *
RHDH 1.4 RedHat registry.redhat.io/rhdh/rhdh-hub-rhel9:sha256:48edcf6f736e17f33d3630ce2fddc19e95316b7824a7af24e9f0df48ac4f4fe3 *

Extended Description

	  Attackers can create crafted inputs that
	  intentionally cause the regular expression to use
	  excessive backtracking in a way that causes the CPU
	  consumption to spike.

Potential Mitigations

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2025 Aqua Security Software Ltd.   Privacy Policy | Terms of Use