Arbitrary code execution and information disclosure via path traversal
Summary
Arbitrary code execution and information disclosure via path traversal. Red Hat rates this important (CVSS 8.1). Weakness: CWE-22. Red Hat lists fixing advisory RHSA-2026:39058 with package prometheus3-13-main-3.13.1-0.1.hum1.
What this means
In plain English
Arbitrary code execution and information disclosure via path traversal. Red Hat rates this important (CVSS 8.1). Weakness: CWE-22. Red Hat lists fixing advisory RHSA-2026:39058 with package prometheus3-13-main-3.13.1-0.1.hum1. Successful exploitation can let an attacker run code in the security context of the affected service or device.
Recommended action
Primary action: update to a vendor-listed fixed release: prometheus3-13-main-3.13.1-0.1.hum1, RHSA-2026:39058.
Rewritten locally from the scraped official advisory data above; no generative API is used. The vendor advisory is authoritative.
Affected versions
No affected-version range was extracted from the source record. The vendor advisory is authoritative — check it before change work.
Official advisory · high-confidence parse· fetched 2 hours ago·verify at source
- prometheus3-13-main-3.13.1-0.1.hum1
- RHSA-2026:39058
Official advisory · high-confidence parse· fetched 2 hours ago·verify at source
Mitigation
Upgrade to a fixed release: prometheus3-13-main-3.13.1-0.1.hum1, RHSA-2026:39058. That is the remediation for this advisory.
The vendor advisory may list additional interim mitigations or workarounds not captured here — review it before change work.
Official advisory · high-confidence parse· fetched 2 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.