VDB
RHSA-2026%3A4185
RHSA-2026%3A4185
PUBLISHED
CVSS 8.699999809265137 HIGH
A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.
Risk Scores
CVSS 3.1
8.699999809265137
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le as a component of Red Hat Quay 3.13 | *, *, * |
| Red Hat | registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64 as a component of Red Hat Quay 3.13 | *, *, registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64 |
| Red Hat | registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64 as a component of Red Hat Quay 3.13 | registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64, *, * |
| Red Hat | registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64 as a component of Red Hat Quay 3.13 | registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64, registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64, registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64 |
| Red Hat | registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x as a component of Red Hat Quay 3.13 | registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x, registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x, registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x |
| Red Hat | registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x as a component of Red Hat Quay 3.13 | *, *, * |
| Red Hat | registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x as a component of Red Hat Quay 3.13 | *, registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x, registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x |
| Red Hat | Red Hat Quay | |
| Red Hat | registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64 as a component of Red Hat Quay 3.13 | *, *, * |
| Red Hat | registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64 as a component of Red Hat Quay 3.13 | *, *, * |
| Red Hat | registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x as a component of Red Hat Quay 3.13 | registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x, *, registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x |
| Red Hat | registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le as a component of Red Hat Quay 3.13 | registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le, registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le, registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le |
| Red Hat | registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64 as a component of Red Hat Quay 3.13 | registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64, registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64, registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64 |
| Red Hat | registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x as a component of Red Hat Quay 3.13 | *, registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x, registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x |
| Red Hat | registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64 as a component of Red Hat Quay 3.13 | registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64, registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64, registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64 |
| Red Hat | registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x as a component of Red Hat Quay 3.13 | registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x, *, * |
| Red Hat | registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64 as a component of Red Hat Quay 3.13 | registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64, registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64, * |
| Red Hat | registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64 as a component of Red Hat Quay 3.13 | registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64, registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64, registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64 |
| Red Hat | registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64 as a component of Red Hat Quay 3.13 | registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64, registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64, registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64 |
| Red Hat | registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64 as a component of Red Hat Quay 3.13 | *, registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64, * |
…and 45 more
Timeline
- Mar 10, 2026 CVE Published
- Apr 24, 2026 Distribution Patch
- Apr 24, 2026 Distribution Patch
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2026:4185 advisory
- https://access.redhat.com/security/cve/CVE-2025-12816 advisory
- https://access.redhat.com/security/cve/CVE-2025-15284 advisory
- https://access.redhat.com/security/cve/CVE-2025-52881 advisory
- https://access.redhat.com/security/cve/CVE-2025-61729 advisory
- https://access.redhat.com/security/cve/CVE-2025-65945 advisory
- https://access.redhat.com/security/cve/CVE-2025-66418 advisory
- https://access.redhat.com/security/cve/CVE-2025-66471 advisory
- https://access.redhat.com/security/cve/CVE-2025-66506 advisory
- https://access.redhat.com/security/cve/CVE-2026-21441 advisory
- https://access.redhat.com/security/cve/CVE-2026-24049 advisory
- https://access.redhat.com/security/updates/classification/ advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_4185.json advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2417097 issue
- https://www.cve.org/CVERecord?id=CVE-2025-12816 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-12816 advisory
- https://github.com/digitalbazaar/forge advisory
- https://github.com/digitalbazaar/forge/pull/1124 advisory
- https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq advisory
- https://kb.cert.org/vuls/id/521113 advisory
…and 49 more