VDB

RHSA-2026%3A26546

RHSA-2026%3A26546 PUBLISHED CVSS 8.199999809265137 HIGH

A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.

Risk Scores

CVSS 3.1
8.199999809265137
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N

Affected Products

VendorProductVersions
Red Hatregistry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:84a3a5dd210a654ededb8bcd4c58dd02ed68edf671282c042329c7be2b7dee4d_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9*, *
Red Hatregistry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e96b4440d0993643b6f087bbdadb94b83244a8c96e4a4afe4d4aaa32b3afeb8b_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9*, *
Red Hatregistry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9*, *
Red Hatregistry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c2945542fefa78e8d76d65ddc1c786338429d2059dbfa8a9d0029c1ec895bbca_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9*, *
Red Hatregistry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9edc0ebaa61a44080ee6d472bd3dcc7e983223ead478fe1b7ca26f3da53d5ebe_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9*, *
Red Hatregistry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:851c0dbbf68220913c9a87e9c7a81622b958321b3feb01adf63343581051b95a_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9*, *
Red Hatregistry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9*, *
Red Hatregistry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:bd262d2f59cbca8bb04249d7dd538e3ad9c7373a6b53552a054097e578d86231_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9*, *
Red Hatregistry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:211d4b3bdccbf62586c50074588e37d2635b1112a346fc709a0b340e2ec9f134_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9*, *
Red Hatregistry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ea9dd594528c8ba2b5ad7a9bf89546bb4001df09aa8c644a95f060a9637288ed_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9*, *
Red Hatregistry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9*, *
Red Hatregistry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9*, *
Red Hatregistry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9*, *
Red Hatregistry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a34def9aa384d43a25c7d5e54aae3444f6f7d46fc9700e91a080d537c6c6d87d_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9*, *
Red Hatregistry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9*, *
Red Hatregistry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bf5f7c5328286a88696c6a629da9e5aed809bc84909e1e13cdbb7387e4b6189_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9*, *
Red Hatregistry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9*, *
Red Hatregistry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6c3f9482d525f3cee1abf475b2bdd4e1ac69f16a932da849c7dd8ecca97ef175_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9*, *
Red Hatregistry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7bd6232744fb5b788fd4ed5e28d3770e42c5ce6c01d882bb4b4fc572038ada1_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9*, *
Red HatRed Hat Advanced Cluster Security for Kubernetes

…and 26 more

Timeline

  • Jun 17, 2026 CVE Published
  • Jun 18, 2026 Distribution Patch
  • Jun 18, 2026 Distribution Patch
  • Jun 18, 2026 Security Advisory
  • Jun 18, 2026 Security Advisory
  • Jun 18, 2026 Security Advisory
  • Jul 7, 2026 CVE Updated
  • Jul 7, 2026 Security Advisory
  • Jul 7, 2026 Security Advisory
  • Jul 7, 2026 Security Advisory
  • Jul 7, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›