Please fix high-sev CVEs in ansible-operator:main image - blocker for RH operator certification

The `ansible-operator:main` image currently has 17 High CVEs, which is a blocker for our Red Hat operator certification.

Please update to clear them. Image and full scan:

- Image: https://quay.io/repository/operator-framework/ansible-operator?tab=tags&tag=main
- Vulnerabilities: https://quay.io/repository/operator-framework/ansible-operator/manifest/sha256:7aff62c931d222a87bcb35bef80652aa526e237cc66592a72f4552336a0ca03d?tab=vulnerabilities

High CVEs to address:

| # | CVE | Package |
|---|-----|---------|
| 1 | [GHSA-537c-gmf6-5ccf](https://github.com/advisories/GHSA-537c-gmf6-5ccf) | cryptography |
| 2 | [CVE-2026-40356](https://access.redhat.com/security/cve/CVE-2026-40356) | krb5-libs |
| 3 | [CVE-2026-45186](https://access.redhat.com/security/cve/CVE-2026-45186) | expat |
| 4 | [CVE-2026-45447](https://access.redhat.com/security/cve/CVE-2026-45447) | openssl-libs |
| 5 | [CVE-2026-4519](https://access.redhat.com/security/cve/CVE-2026-4519) | python3.12 |
| 6 | [CVE-2026-6100](https://access.redhat.com/security/cve/CVE-2026-6100) | python3.12 |
| 7 | [CVE-2026-4786](https://access.redhat.com/security/cve/CVE-2026-4786) | python3.12 |
| 8 | [CVE-2025-59375](https://access.redhat.com/security/cve/CVE-2025-59375) | python3.12 |
| 9 | [CVE-2026-4878](https://access.redhat.com/security/cve/CVE-2026-4878) | libcap |
| 10 | [CVE-2026-4519](https://access.redhat.com/security/cve/CVE-2026-4519) | python3.12-libs |
| 11 | [CVE-2026-6100](https://access.redhat.com/security/cve/CVE-2026-6100) | python3.12-libs |
| 12 | [CVE-2026-4786](https://access.redhat.com/security/cve/CVE-2026-4786) | python3.12-libs |
| 13 | [CVE-2025-59375](https://access.redhat.com/security/cve/CVE-2025-59375) | python3.12-libs |
| 14 | [CVE-2026-33846](https://access.redhat.com/security/cve/CVE-2026-33846) | gnutls |
| 15 | [CVE-2026-42009](https://access.redhat.com/security/cve/CVE-2026-42009) | gnutls |
| 16 | [CVE-2026-42010](https://access.redhat.com/security/cve/CVE-2026-42010) | gnutls |
| 17 | [CVE-2026-33845](https://access.redhat.com/security/cve/CVE-2026-33845) | gnutls |

Thanks!

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Please fix high-sev CVEs in ansible-operator:main image - blocker for RH operator certification #223

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

#	CVE	Package
1	GHSA-537c-gmf6-5ccf	cryptography
2	CVE-2026-40356	krb5-libs
3	CVE-2026-45186	expat
4	CVE-2026-45447	openssl-libs
5	CVE-2026-4519	python3.12
6	CVE-2026-6100	python3.12
7	CVE-2026-4786	python3.12
8	CVE-2025-59375	python3.12
9	CVE-2026-4878	libcap
10	CVE-2026-4519	python3.12-libs
11	CVE-2026-6100	python3.12-libs
12	CVE-2026-4786	python3.12-libs
13	CVE-2025-59375	python3.12-libs
14	CVE-2026-33846	gnutls
15	CVE-2026-42009	gnutls
16	CVE-2026-42010	gnutls
17	CVE-2026-33845	gnutls

Please fix high-sev CVEs in ansible-operator:main image - blocker for RH operator certification #223

Description

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions