VDB

RHSA-2026%3A2145

RHSA-2026%3A2145 PUBLISHED CVSS 8.199999809265137 HIGH

A flaw was found in Lodash. A prototype pollution vulnerability in the _.unset and _.omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service.

Risk Scores

CVSS 3.1
8.199999809265137
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

Affected Products

VendorProductVersions
Red Hatregistry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:4e910b08863756516707f2ad8198c04dc6d706c78f481561a3b2e896800d4dbe_amd64 as a component of Red Hat OpenShift Service Mesh 2.6registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:4e910b08863756516707f2ad8198c04dc6d706c78f481561a3b2e896800d4dbe_amd64, registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:4e910b08863756516707f2ad8198c04dc6d706c78f481561a3b2e896800d4dbe_amd64, *
Red Hatregistry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ee28a1278a21783acbda367a8f10d51dd81a7f4af5dcba64c1d58402bac0b43d_s390x as a component of Red Hat OpenShift Service Mesh 2.6*, registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ee28a1278a21783acbda367a8f10d51dd81a7f4af5dcba64c1d58402bac0b43d_s390x, registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ee28a1278a21783acbda367a8f10d51dd81a7f4af5dcba64c1d58402bac0b43d_s390x
Red Hatregistry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:6851b4cf7f6da95b614431535c7c0c744dc441ff4abf9aaa203b46d652a529b9_arm64 as a component of Red Hat OpenShift Service Mesh 2.6registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:6851b4cf7f6da95b614431535c7c0c744dc441ff4abf9aaa203b46d652a529b9_arm64, registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:6851b4cf7f6da95b614431535c7c0c744dc441ff4abf9aaa203b46d652a529b9_arm64, registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:6851b4cf7f6da95b614431535c7c0c744dc441ff4abf9aaa203b46d652a529b9_arm64
Red Hatregistry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:ad1449f9047107c23d5b0e53c3ca148a12a9729dd7aa474c5eadb55870f314fa_arm64 as a component of Red Hat OpenShift Service Mesh 2.6registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:ad1449f9047107c23d5b0e53c3ca148a12a9729dd7aa474c5eadb55870f314fa_arm64, registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:ad1449f9047107c23d5b0e53c3ca148a12a9729dd7aa474c5eadb55870f314fa_arm64, registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:ad1449f9047107c23d5b0e53c3ca148a12a9729dd7aa474c5eadb55870f314fa_arm64
Red Hatregistry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:9a867a9efe090c85cb5cd198e82663d87b1bc29061420def8cfe119c45c025fc_ppc64le as a component of Red Hat OpenShift Service Mesh 2.6registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:9a867a9efe090c85cb5cd198e82663d87b1bc29061420def8cfe119c45c025fc_ppc64le, registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:9a867a9efe090c85cb5cd198e82663d87b1bc29061420def8cfe119c45c025fc_ppc64le, registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:9a867a9efe090c85cb5cd198e82663d87b1bc29061420def8cfe119c45c025fc_ppc64le
Red Hatregistry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:f7701158e0b0c3b0091d30be1dfe2fba73386160536929025504e903cf8c8bd9_amd64 as a component of Red Hat OpenShift Service Mesh 2.6registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:f7701158e0b0c3b0091d30be1dfe2fba73386160536929025504e903cf8c8bd9_amd64, registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:f7701158e0b0c3b0091d30be1dfe2fba73386160536929025504e903cf8c8bd9_amd64, registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:f7701158e0b0c3b0091d30be1dfe2fba73386160536929025504e903cf8c8bd9_amd64
Red Hatregistry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:edc436424d55e4f8e0765ac59a4b2dcbd38dce49532db0bd917ca5b3c4526fac_ppc64le as a component of Red Hat OpenShift Service Mesh 2.6registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:edc436424d55e4f8e0765ac59a4b2dcbd38dce49532db0bd917ca5b3c4526fac_ppc64le, registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:edc436424d55e4f8e0765ac59a4b2dcbd38dce49532db0bd917ca5b3c4526fac_ppc64le, registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:edc436424d55e4f8e0765ac59a4b2dcbd38dce49532db0bd917ca5b3c4526fac_ppc64le
Red Hatregistry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:d16be0b09ee231bda769ddb16cb781e2a0fefca42243ada15c8c176d5ba711a8_s390x as a component of Red Hat OpenShift Service Mesh 2.6registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:d16be0b09ee231bda769ddb16cb781e2a0fefca42243ada15c8c176d5ba711a8_s390x, registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:d16be0b09ee231bda769ddb16cb781e2a0fefca42243ada15c8c176d5ba711a8_s390x, registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:d16be0b09ee231bda769ddb16cb781e2a0fefca42243ada15c8c176d5ba711a8_s390x

Timeline

  • Feb 5, 2026 CVE Published
  • May 5, 2026 Distribution Patch
  • May 5, 2026 Distribution Patch
  • May 5, 2026 Security Advisory
  • May 5, 2026 Security Advisory
  • May 5, 2026 Security Advisory
  • May 13, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›